HR at Nippon Life India Asset Management Limited
Views:168 Applications:34 Rec. Actions:Recruiter Actions:15
Nippon Life India Asset Management - Business Information Security Officer (9-13 yrs)
Purpose of the Job:
Ensure protection of all information assets from malware, unauthorized leakages and unauthorized access. Removal of vulnerabilities from the network / systems in order to strengthen information security apparatus and ensure compliance with Group information security policy.
- Ensuring People, Technology and Physical security compliance and reporting non compliance in a timely manner.
- Carry out Risk Assessment and Data Flow Analysis.
- Ensuring regulatory compliance including compliance with SEBI Regulations, IT Act etc.
- Handle security operations, investigate all security incidents and conclude investigation
- Review new applications throughout security development life cycle and maintenance phase
- Help the technology team to resolve outstanding exceptions and vulnerabilities found in VAPT / new applications before they go live
- Help the technology team to close out issues relating to systems / servers / network in Systems Audits.
- Monitoring network environment including the web, PCs and email through data leak protection software, logs and triggers to ensure that there are no unauthorized data leakages, alien assets in the network and unauthorized breaches.
- Securing IT systems by establishing and enforcing policies; defining and monitoring access.
- Reporting of breaches / vulnerabilities to Group Chief Information Security Officer / RCAM Chief Technology Officer and Chief Risk Officer.
- Collaborate with Business risk team, Enterprise risk team for aligning information security risk with business risk/enterprise risk.
- Managing security compliance of International locations.
- Active participation in DR and BCP drills.
- Contributing to Information Security policy updates.
- Training and awareness for staff on network and information security procedures.
Role Specific Competencies:
- Information security domain knowledge
- Strong in information security processes
- Functional domain knowledge of the asset management / banking industry, while not mandatory, will be an added plus Information security, Project Management
Technology Knowledge: will include knowledge of at least a few of the following areas:
Web applications, mobile applications, LAN Knowledge, Proxy Servers, Databases, Network Design and Implementation, Network Hardware Configuration, Working knowledge on Switches, Firewalls, Intrusion Prevention Systems (IPS), Routers and network devices, data encryption and other security measures. Working Knowledge on Windows and Linux Servers, SAN and other Storage units, Blade Servers.