Senior Manager - Enterprise Risk & IT Security Management

Job Description:

- Ensure customer specific information security / enterprise risk related requirements are captured, documented, implemented and verified

- Act as a point of contact to Coordinate and communicate with customers and internal stakeholders to ensure compliance of security / risk guidelines

- Ensure customer audits are cleared successfully

- Propose cost effective solutions

- Ensure a proper budget is prepared and managed

- Develop and manage ISMS (Information Security Management System) framework.

- Identify and implement applicable industry practices (IT act and amendments, Data Privacy and Data Security framework etc)

- Establish and implement measurement program to assess effectiveness of the framework/system

- Provide updates to CISO/Management periodically

- Ensure all internal / external audits are planned and successfully cleared. Ensure surprise audits are conducted.

- Monitor and track all internal/external audit findings to closure. Highlight open findings and accepted risks

- Liaise with external consulting organizations as applicable

- Evaluate technical solutions proposed by IT team from security perspective

- Set performance objectives aligned to organization goals and appraise the team against these objectives

- Mentor team members to enhance performance

- Handle team members grievances

- Ensure team attrition is within targets

- Upgrade competency (skills) in the team in line with the current industry practices and business objectives