Senior Manager - IT Security - Financial Services

We are looking for a senior manager for a big MNC (Financial Services) for Mumbai location.

Job Title : Sr Manager - IT Security

Job Description:

Industry: Banking Domain, Finance Domain, Insurance Domain

Responsibilities

- Responsibility for upkeep of ISO 27001 implementation

- Working knowledge of Business Continuity Management

- InfoSec Operations reporting

- Support ISG during external & internal IT Security & IS audits

- Technology Risk Management

- Team management skills

- Ability to lead Application Security initiative across SDLC cycle

- Ability to lead security solution and implementation

- Gap assessment for new technology assessments

- Security Incident management & support on forensics

- Connect with sources who help update on current industry trends and security challenges

- Manage regulatory and compliance audits.

- Manage exception to policies

Desired Certifications

- ISO 27001 LA / Implementation / Internal Auditor

- ISO 22301 LA / Implementation / IA

- CISA / CISM

- CEH

- CISSP

- PRISM

Atleast 1 preferred

Relevant Experience

- 11 to 12 yrs

Detailed view of responsibilities and duties

- Ensure upkeep of Information Security Management System & ISO 27001 Certification for the organization

- Design solutions to Information Security challenges put forth by various functions

- Perform Security assessments on business processes to identify security concerns and provide appropriate technology solutions

- Manage compliance and regulatory audits i.e. explaining Infosec process and policies to auditors, demonstrating compliance against set policies

- Managing the assigned resources with effective delegation

- Contributing to the design, maintenance and execution of Corporate Security Policy

- Knowledge in IRDA, RBI, IT Act, Companies Act, SEBI, Exchanges & other regulatory requirements desired

- Must be able to source and suggest solutions to business and corporate security needs

- Must be proficient in identifying vulnerabilities and security loop holes in the existing implementation

- Directing and creating remediation priorities based on level of vulnerability / scope of impact

- Implementing policies that will ensure there are correct levels of scanning, monitoring, and incident response when needed.

- Developing procedures which will ensure there is as minimal impact and disruption to business operations and systems during any remediation of vulnerability issues

- Providing the appropriate direction and methodology for forensic analysis and reporting

- Developing and implementing security standards for Information risks

- Partnering and/or working with other IT groups to secure participation from key people /contributors from other departments and notifying senior management for additional resources. Allocating resources as needed to support strategic company goals

- Collaborating and working with other departments (Software Development, Network & Technology Infrastructure, etc.) to clarify INFOSEC expectations for securing systems to ensure policies adherence

- Impart information security awareness trainings to employees

- Assist the BCM unit with BCP implementation, reviews, testing, maintenance & documentation

- Must be proficient at project management skills

- Sourcing trends & news in the Security world, and assessing organization's applicability to the risks highlighted