Posted By


Naainna

Recruiter at Plug HR

Last Login: 30 June 2017

1634

JOB VIEWS

24

APPLICATIONS

0

RECRUITER ACTIONS

Posted in

IT & Systems

Job Code

389793

Risk Manager - IT Security - BFSI

7 - 10 Years. Mumbai
Posted 7 years ago

JOB PURPOSE

Summarise briefly the purpose of the role

This position performs information security risk analysis and risk management for the Bank. Risk management covers risk analysis and risk assessment for new projects and for existing solutions, and includes the following:

- Follow a risk assessment process that is consistent across all risk types and across the whole organisation, to identify and evaluate key risks.

- Develop and implement policies, standards and procedures to ensure that all identified risks are managed within the organisation's risk appetite.

- Regularly monitor the risk management processes and the corrective actions.

- Regularly present risk reports to the key stakeholders, and invite feedback into the risk processes.

- Communicate appropriate risk information to the organisation's stakeholders.

- Maintain and track all risk jobs for reporting and record-keeping.

Accountability

EXPECTED END RESULTS / MAJOR ACTIVITIES

Risk management

a) Centrally execute and track a consistent information security risk assessment process to identify, evaluate and mitigate project-related information security risks at an organisation level, covering both process and technology.

b) Engage with business and IT teams to report project-related information security risks.

c) Process documentation.

d) Manage security assessment team resources and coordinate with business/IT teams as per the standard process.

Vendor Information Risk Management

a) Assist with multi-tier vendor risk assessments, and track findings and corrective and preventive action plans to logical closure.

b) Process documentation.

Exception management

a) Oversee and manage requests for exceptions to the laid-down policies, procedures and guidelines with reference to

- Internet access

- Remote/external access

- System acquisition, development/integration, maintenance

b) Collate exceptions outside the areas listed above, present them via a risk acceptance form (RAF) to the ISRMC for approval, and track them on a central risk dashboard.

c) Process documentation.

Scale: 200 exceptions per year

Governance

a) Review critical organisational processes and incorporate information security into them

b) Half-yearly review of information security policies, processes, standards and guidelines

c) Performance monitoring in the form of metrics, a senior management dashboard and timely escalation of non-compliance

d) Assist with the review of the risk register and risk acceptance forms to confirm that retained risk is within the acceptable level

e) Track the minutes of the various Infosec/cyber fraud committees and follow up on action items for compliance

f) Develop enterprise security effectiveness criteria, including criteria for the implementation of IT security tools on endpoints, servers, network devices, etc.

Digital VAPT

a) Prepare and review the digital VAPT calendar to ensure that all critical applications go through the testing cycle

b) Periodic updates to the CISO, and other reporting, on the progress of the Digital VAPT calendar, including open/overdue observations

c) Follow up on open/overdue points and ensure their closure within the timelines agreed with business stakeholders

Netbanking/Mobile banking changes/enhancements

a) Perform risk assessments for changes to net/mobile banking rules, including the rule on the cooling period for newly introduced functionality, and for enhancements that add functionality to netbanking/mobile banking

b) Provide inputs based on the risk assessment and ensure that the necessary testing is performed

4. Description of the Relationships and Roles:

Working relationships held by the role (Internal and External)

1. Internal

- Department: Across all departments - Retail, WBO & Support (Legal, IT, Admin, etc.)

- Upwards: Interactions with supervisors and senior management for exceptions, reviews and other assessments

- Sideways: Across various departments in retail, WBO & support

- Downwards: All levels, across departments in retail, WBO & support.

2. External

- Third-party vendors proposing new solutions to the Bank, and existing Bank vendors

5. SKILLS AND KNOWLEDGE

State the minimum acceptable proficiency for the job.

Do not state incumbent-specific information

EDUCATIONAL QUALIFICATIONS:

- Essential:

- Bachelor of Science or Bachelor of Engineering, BCA, MCA

- A working knowledge of most aspects of information security is essential, as is the ability to apply this knowledge in an open network environment

- Preferable:

- Information security technical certifications such as CISA or CISSP

RELEVANT EXPERIENCE:

- 7-8 years of experience in the field of Information Technology

- Three to five years or more in information security or related technical areas

PERSONAL CHARACTERISTICS & BEHAVIOURS:

- Dedication to work and to defined goals that are in line with department and organisation goals

- Readiness to take up new challenges and to redefine the current working style

- Independent

- Determination to complete tasks and defined goals within the agreed timeline

- Communicates highlighted risks effectively, so that they can be actioned at the appropriate levels

Pinnacle
9970180000
