Senior Manager - Information Security Governance & Compliance - Life Insurance

Our client is one of the leading private sector Life Insurance Company. It is listed on National stock exchange (NSE) and Bombay stock exchange (BSE).

Designation : Senior Manager - Information Security Governance & Compliance.

Reporting to : AVP - Information Security / CISO.

Role :

- Review of information and cyber security policy, guidelines and procedures.

- Define technology baseline standards.

- Conduct information security risk assessments for existing and new areas.

- Define policy, guidelines and procedures for new areas.

- Assist business teams for conducting risk assessment, or information security related documentations.

- Conduct control checks and gather relevant evidences.

- Oversee information security audits, whether by performed by organization or third-party personnel.

- Coordinate for audit requirements and be single point of contact for any data requirements, discussion with internal teams, discussing the audit findings, tracking implementation and closure of the findings.

- Implement and oversee technological upgrades, improvements and major changes to the information security environment.

- Review documentation for Information technology disaster recovery (DR) plans and DR drill reports.

Qualification / Experience (No of years & type) :

- MBA Information Security/ Computer Engineering Graduate with working knowledge in the domain of application and network security.

- Relevant experience of at-least 3-5 years in the domain of Information security - risk assessment, documentation of policy/standards/guidelines, compliance.

- Working knowledge of risk assessment and conducting information security controls audit/compliance.

- Good understanding of technology components, software applications & IT infrastructure, security architecture and frameworks.

- Security certifications like ISO27001.

Functional competencies :

- Familiar with standards like ISO27001, PCI-DSS, Data security.

- Understanding of laws regulations like Information technology act and rules.

- Good in drafting policies, guidelines and in report writing.

- Good verbal and written communication skills.

- Good understanding of technology architecture and various technology components.

- Working knowledge of application security tools.

Other competencies :

- Independent and proactive approach to work; ability to learn and adapt new areas.

- Excellent written, communication and presentation skills.

- Project management skills.

- Demonstrate effective time management skills and ability to Multi-task and work under tight deadlines.