SBI - Chief Information Security Officer - Contractual

RECRUITMENT OF SPECIALIST CADRE OFFICER ON CONTRACTUAL BASIS

ADVERTISEMENT NO: CRPD/SCO-CISO/2022-23/04

ONLINE REGISTRATION OF APPLICATION: FROM 27.04.2022 TO 17.05.2022

State Bank of India invites Online applications from Indian citizens for appointment of Chief Information Security Officer.

Candidates are requested to apply Online through the link given on Banks website https://bank.sbi/web/careers or https://www.sbi.co.in/web/careers

1. The process of Registration is complete only when fee is deposited with the Bank through Online mode on or before the last date for payment of fee.

2. Before applying, candidates are requested to ensure that they fulfil the eligibility criteria for the post as on the date of eligibility.

3. Candidates are required to upload all required documents (Brief resume, ID proof, Age, Educational qualification, Experience etc.) failing which their candidature will not be considered for shortlisting/ interview.

Post - Chief Information Security Officer

Nature of Engagement - Contractual

Age as on 01.04.2022 - Max 57 Years

Selection Process - Shortlisting, Interview and CTC Negotiation

Suggested place of posting - Mumbai

Educational Qualifications :

Basic Qualifications:

Engineering or Science Graduate/ Post-Graduate in related field such as Computer Science, IT, Electronics and Communications or a Cyber Security related field or MCA or equivalent qualification from recognized University.

Professional Qualifications (Preferred):

Certified Information Systems Security Professional (CISSP) /

Certified Information Security Manager (CISM) /

Certified Chief Information Security Officer (CCISO) /

Certified Information Systems Auditor (CISA)

Experience (Post Basic qualifications) (As on 01.04.2022) :

Minimum 15 years in overseeing financial operations, preferably financial information security matters in Banks/ Large Corporates/ PSUs/ FIs/ Financial Services Organizations/ Financial & Technology Consulting firms, of which minimum 5 years should be in the core domain area of Information Security in Banks / FIs at Senior Management Level.

Specific skills required: As per the job profile

Job Profile (Detail description of Role, Responsibilities and Functions) :

CISO is responsible for:

1. Bringing to the notice of Board/IT sub-committee of the Board about the vulnerabilities and cyber security risk, the Bank is exposed to.

2. As member secretary of Information Security and/or related committee(s), if any, may ensure inter alia, current/emerging cyber threats to banking (including payment systems) sector and the Banks preparedness in these aspects are invariably discussed in such committee(s).

3. Managing and monitoring SOC and drive cyber security related projects.

4. Maintaining and update a threat landscape for the organization on a regular basis.

5. Ensuring that periodic tests are conducted to evaluate the adequacy and effectiveness of technical security control measures, especially after each significant change to the IT applications/ systems/ networks as well as after any major incident.

MEASURES OF SUCCESS:

- IS requirements are identified and addressed in a timely manner.

- IS responsibilities are effectively communicated to all role holders.

- Risk mitigation measures are appropriate and in line with global best practices.

KRAs for the post:

- To create, maintain and disseminate information security strategy, plans and policies to ensure high information assurance within the Bank and meet legal, statutory and regulatory requirements in Information Security.

- To obtain top management approval on IS security plan, budget, resources and provide ongoing support for Information Security activities.

- To ensure that, when exceptions/ deviations/ non-adherence to the IS Security are proposed by the Application Owner, the risk assessment process is completed, and appropriate recommendations are put up to DMD & CIO.

- To define security violations and support investigative processes.

- To brief Top Management on information security initiatives undertaken, information security status across the Bank, compliance against Banks Information Security Policies and regulatory requirements.

- To direct Information Security Incident Response Management.

- To oversee the development of Information Security Awareness training programmes and promote security culture in the Bank.

- To stay informed about global best practices and latest developments in the field of information security including technology, management practices and regulatory requirements.

- To represent the Bank in the area of information security at industry standards committee, technical conferences and regulatory bodies.

The apply button will redirect you to an external URL, please apply there.