VFS Global - Deputy General Manager - Information Security

Purpose of the role

- To develop strong information risk management processes within the given region and measure the effectiveness of overall posture of information security framework while suggesting steps for improvements

- To ensure on-going compliance to IS standards & best practices. Act as a single point of contact for all Information Security requirements within the region

Profile - Roles and Responsibilities

Areas of Responsibility & brief description Responsibility Level

1. Develop & implement Information Risk Management Framework for the region Full

2. Undertake initiatives to ensure continuous improvement of implemented controls for the region Full

3. Ensure successful outcome in external/internal audits conducted Full

4. Implement Information Security awareness program for the region Full

5. Ensure high standards of Information Security service delivery within time & budget Full

6. Act as a single point of contact for all Information Security requirements within the region and liaise with the Corporate Information Security team Full

7. Drive all Information Security related activities like ISO 27001 implementation, user training and awareness, internal audits, compliance to policies and procedures. Full

8. Ensure compliance to ISO 27001 standards with respect to Information Security. Full

9. Ensure IT security controls are rolled out in all VACs within the region in coordination with the IT team. Track and improve Information Security controls. Responsible for all Technology Risk Management activities Full

10. Carry out all compliance audits across all VACs in the region. Ensure no non-compliance reports either in internal or external audits Full

11. Ensure implementation of Information Security controls to minimise possibility of data leakage Full

12. Work with different regional teams to ensure on going compliance to Information Security best practices and standards Full

13. Judicious use of natural resources Full

14. Shall adhere to the environment health and safety policy/objectives and guidelines of the organization

Full

Qualification & Experience (Education, Experience, specific knowledge, skills, understanding, attitude)

Education: Minimum: Graduate or global equivalent degree

Additional: CISSP, CISM, ITIL, PMP

Experience: 7 - 8 years of relevant experience

Knowledge & Key Skills: In depth knowledge of:

- Network protocols and network connectivity concepts; Firewall and Internet technologies;

- Secure access control mechanisms; Encryption and Key Management techniques