'%3e%3cpath d='M15.3069 13.1535H1' stroke='%23333333' stroke-width='1.4' stroke-linecap='round' stroke-linejoin='round'/%3e%3cpath d='M15.3069 8.15347H1' stroke='%23333333' stroke-width='1.4' stroke-linecap='round' stroke-linejoin='round'/%3e%3cpath d='M15.3069 3.30693H1' stroke='%23333333' stroke-width='1.4' stroke-linecap='round' stroke-linejoin='round'/%3e%3c/g%3e%3cdefs%3e%3cclipPath id='clip0_126_10407'%3e%3crect width='16' height='16' fill='white'/%3e%3c/clipPath%3e%3c/defs%3e%3c/svg%3e){kind=small}
Manager - Risk & Compliance - IT
MumbaiResponsibilities :
- Manage information security organization, consisting of direct reports and indirect reports (such as individuals in business continuity and IT operations). This includes hiring, training, staff development, performance management and annual performance reviews
- Develop and enhance an information security management framework based on one or more of the following ISO 27001, ISO 20000 / ITIL, National Institute of Standards and Technology (NIST), DPA, GDPR
- Comprehensive evaluation and establishment of Security control assessment including network vulnerability and Cyber security for JLTI environment
- CAP governance and Incident Management
- Facilitate information security governance through the implementation of a hierarchical governance program, including the formation of an information security steering committee or advisory board
- Develop, maintain and publish up-to-date information security policies, standards and guidelines.
- Oversee the approval, training, and dissemination of security policies and practices
- Work directly with business units to facilitate IS and IT risk assessment processes, and work with stakeholders throughout the enterprise on identifying acceptable levels of residual risk
- Provide regular reporting on the current status of the information security program to enterprise risk teams, senior business leaders and the board of directors as part of a strategic enterprise risk management program
- Provide strategic risk guidance for IT projects, including the evaluation and recommendation of technical controls
- Define and facilitate the information security risk assessment process, including the reporting and oversight of treatment efforts to address negative findings
- Manage security incidents and events to protect corporate IT assets, including intellectual property, regulated data and the company's reputation
- Monitor the external threat environment for emerging threats, and advise relevant stakeholders on the appropriate courses of action
- Work closely with related functions or programs like Privacy, Audit, Risk, BCM and coordinate the development of implementation plans and procedures to ensure that business-critical services are recovered in the event of a security event. Provide direction, support and in-house consulting in these areas
- Coordinating the information security compliance efforts of all internal and outsourced functions that have one or more information security-related responsibilities, to ensure that organization-wide information security compliance efforts are consistent.
- Maintaining the document sufficiency for information security initiatives
- Plan and schedule ISMS Audits activities, coordinate with stakeholders for
- Perform related duties and fulfil responsibilities as required remediation of audit findings
- Evaluating information security exception requests based on valid business
- Managing IT Security Incidents & assisting in finding root cause analysis of security incidents
- Roll out of information security risk assessment program which includes Vulnerability Assessment, Penetration testing, Network & Security Architecture, Application Security reviews, Endpoint security,
- Excellent written and verbal communication skills, presentation skill, interpersonal and collaborative skills, and the ability to communicate security and risk-related concepts to technical and nontechnical audiences
- Knowledge and understanding of relevant legal and regulatory requirements, eg: IT ACT, Cyber Security Policy 2013, GDPR, DPA
Person Specifications :
Education Essential :
Graduate from a recognized institute in Information technology/ System / Security
Desirable :
Postgraduate/MBA in Information Security
Work Qualifications Essential :
Certified risk manager (CRM) or experience in dealing with a Regulator (RBI, SEBI, IRDA or TRAI)
ISO certified lead Auditor in 27001/22301
Desirable:
CISSP/CISM/CISA/ CEH
Experience Essential:
- 5 - 12 years of experience in the Risk and compliance/Information Security domain in financial services or IT/ ITES with proven track record in service delivery
- Ability to gauge risk and compliance impact of projects
- Experience/Knowledge in Application/Network Security.
- Strong Stakeholder management skills.
Desirable:
Prior experience of working in the insurance sector
Knowledge Essential:
- Knowledge Risk Management Frameworks
- Knowledge of ISO standards
- Network/Application security
Desirable: SSDLC
Skills & Abilities Essential :
- Excellent communication and presentation skills
- Analytical abilities
- Highly detail oriented and strong interpretational skills
- Strong Managerial and building and t skills
- High degree of problem solving skills to resolve problems in a multi-product/service environment
- Ability to understand business issues/customer requirements and provide solutions
call at 9891136660
Didn’t find the job appropriate? Report this Job
'%3e %3cpath d='M24 48C37.2548 48 48 37.2548 48 24C48 10.7452 37.2548 0 24 0C10.7452 0 0 10.7452 0 24C0 37.2548 10.7452 48 24 48Z' fill='%23333333' fill-opacity='0.8'/%3e %3cpath fill-rule='evenodd' clip-rule='evenodd' d='M22.5299 19.0115V19.5849V29.0154V31.5316C22.5299 32.3403 23.1967 33 24.004 33C24.8114 33 25.4784 32.3358 25.4784 31.5316V29.0154V19.5849V19.013L29.4885 23.0077C30.0627 23.5795 31.0044 23.5743 31.5733 23.0077C32.1421 22.441 32.1423 21.4975 31.5735 20.9308L30.1054 19.4684C30.0891 19.4504 30.0724 19.4329 30.0551 19.4156L25.0837 14.4634L25.0479 14.4264C24.9234 14.3024 24.7807 14.2055 24.6281 14.1358L24.5952 14.1212C24.5751 14.1126 24.549 14.1022 24.5286 14.0946C24.0039 13.8983 23.3839 14.0068 22.9622 14.4268L22.9533 14.436L21.4743 15.9093C21.4615 15.9211 21.449 15.933 21.4367 15.9452L16.4286 20.934C15.8598 21.5008 15.8545 22.4389 16.4286 23.0108C17.0027 23.5826 17.9394 23.5827 18.5135 23.0109L20.0019 21.5283C20.0147 21.5164 20.0274 21.5043 20.0399 21.492L22.5299 19.0115ZM24.5952 14.1212C24.5751 14.1126 24.549 14.1022 24.5286 14.0946L24.5952 14.1212Z' fill='white'/%3e %3c/g%3e %3cdefs%3e %3cclipPath id='clip0_99_1825'%3e %3crect width='48' height='48' fill='white'/%3e %3c/clipPath%3e %3c/defs%3e%3c/svg%3e "Scroll Up"){kind=small}