- Assist the Information Security Manager in defining and maintaining SG GSC's Information Security program.
- Ensure that InfoSec processes, procedures and controls are well formalized & documented, up-to-date, and properly executed.
- Maintain and supervise Information Security practices across all SG GSC BL's.
- Ensure compliance to the defined Information Security policy & procedures across the organization.
- Perform risk assessment for new initiatives and existing projects (infrastructure /applications).
- Collaborate with business stakeholders, technical teams & vendor(s) for deployment of any new technology (tools, applications etc).
- Aggregate all Information Security risks across business lines, paying particular attention to IT risks e.g. security, outsourcing, external provider, resources, system interruption, business activities, etc.
- Perform execution of various Information Security controls & BAU activities.
- Analyze and validate policy exception requests from the business.
- Perform investigation, remediation and reporting on all information security incidents and exposures.
- Ensure appropriate controls and KRIs in place for infrastructure & application security - perform periodic reporting & ensure compliance.
- Preparing InfoSec /Risk dashboards and providing inputs for governance meetings.
- Participate in the information security operational meetings with global counterparts.
- Conduct awareness programs on various Information security topics (delivering induction sessions, awareness communications, end-user trainings etc).
Technical :
Excellent knowledge & relevant experience in security domains /technologies related to :
- Infrastructure security
- Identity and Access Management
- Application security & project risk assessment
- Data Leakage Prevention
- End Point Protection
- Web filtering technologies, Proxies and firewalls.
- VA /PT, SIEM etc.
- Cloud security
- Intermediate understanding of Networking Concepts / Solutions & Active Directory.
- Intermediate understanding of security of web-based services/ applications.
- Intermediate understanding of security aspects related to Cloud Computing & migrations.
- Experience of working with new /disruptive technologies, handling APTs would be useful.
- Excellent knowledge of MS Office tools (Excel, Word & Power-point etc).
- Previous work experience in managing Information Security in Banking and Financial services domain would be advantageous
Functional :
- Assist with the development and implementation of IT security procedures and guidelines
- Maintain and document security control procedures
- Developing procedures, methods, reports, and scripts to facilitate the monitoring and measurement of enterprise-wide IT security solutions
- Pro-active follow up on potential security risks and incidents
- Creating event log dashboards, reports and alerts
- Management and monitoring of security infrastructure
- Detect and report flaws within existing security solutions
- Risk assessment & IS governance skills
- Capability to anticipate and communicate about the new risks (internal or external) and to propose relevant action plans
- Be highly autonomous in the execution of his/her assigned duties
- Good communication & presentation skills; ability to liaise with middle & senior management.
- Highly motivated and ability to work within a team.
- Ability to work in a constantly changing environment and manage priorities and schedules
- Ability to work in a position that has accountability with minimal authority over stakeholders
- Ability to collaborate with multiple teams, internal and external stakeholders.
Didn’t find the job appropriate? Report this Job