Senior Manager - Information Security & GRC

Type of Experience

- With at least 9+ years of progressive experience in IT with 7 years dedicated exposure in Information Security

- Certification in BCP \ DR, ISO 27001:2013 Lead Auditor,

- Demonstrate knowledge of information security Standards and Frameworks

- With at least 7 years of progressive experience in IT with 3 years dedicated exposure in Information Security

- ISO 27001:2013 Lead Auditor certification mandatory

Overall purpose of the Job

- This role would be responsible for implementing risk mitigations & IT controls and ensuring Information Security best practices are designed, implemented and monitored Key Performance Areas

Key Task & Activities /Skills / Competencies required

IT Risk management and Process assurance

- Benchmark and compare security practices with the industry

- Implementation, operation and maintenance of Information Security Management System based on standards like ISO/IEC 27001, COBIT, ITIL etc as applicable

- Information security risk assessments and controls implementation

- Track audit schedules and ensure closure of all security gaps

- Co-ordinate for Risk Assessment of IT systems and Third Party vendors and partners

- Benchmark security implementation and implement security controls across all digital channels

- Evaluate and implement tools and processes to ensure compliance with internal security policies and applicable laws and regulations

- Document and review process, policies and procedure Data Leakage Prevention

- Review and implement Data Leakage Prevention (DLP) tools and processes

- Review and evaluate all incidents as per DLP management procedures

- Ensure timely reporting, escalations and closure of critical incidents

- Analyze the risk or business impact of incidents and initiating adequate control measures

- Implement suitable data leakage awareness, training and educational activities

Audit and Compliance

- Facilitate Statutory & Regulatory audits of critical Applications and Systems

- Ensure Software License compliance at all times

- Review of Third Party systems and network security on monthly basis

- Adherence To Change Management Processes

- Ensure Governance and compliance as per requirement

- Adherence To User identity and access Management Processes

Personal Attributes

- Honest and self disciplined

- Display Business Integrity & Ethics

- Displays Leadership and team building skills

- Displays logical thinking for problem evaluation and solving

Interested candidates can email their updated cvs along with following details:

Total Exp-

Current CO-

Current CTC

Expected CTC

NP

Reason for change-

Availability for interview - yes/no