Vice President - Cyber & Information Security - BFSI

Educational Qualifications : BE , B.tech MCA , Masters on Information Security

Certification desirable :

1. CCNA / CCNP / CCIE

2. RHCE - Red Hat Certified Engineer (RHCE)

3. Microsoft Certified Professional

4. AWS certified Professional

Key Responsibilities:

- Managing the risk assessment, remediation and monitoring of technology risks for cloud as well as on-premise infrastructure.

- Ensure technical risk identification, assessment, quantification, tracking, reporting, communication, mitigation and monitoring

- Manage the day-to-day activities of threat and vulnerability management including Vulnerability Assessment (VA), Penetration Testing (PT), Application security assessment (Appsec), Firewall Rule ,Base review

- Develop, review and update hardening standards and guidelines.

- Recommend treatment plans and communicate information about residual risk.

- Analyze technical risks and arrive at risk criticality after considering compensating controls

- Provide Risk Acceptance recommendations

- Discussion with stakeholders for Risk Closure

- Revise and develop processes to strength the current IT risk framework

- Manage outsourced vendors with contracted service-level agreements.

- Serve as an internal technical risk consultant to the operating functions and business lines

- Builds and maintains positive working relationships with various IT and business teams

- Responsibility for overall use of project resources, and initiation of corrective action where required.

- Responsibility for compliance with standards, for example including change control management.

- Design, coordinate and oversee security testing procedures to verify the security of systems, networks and applications, and manage the remediation of identified risks.

Required Skills :

- 18-23 years of experience in IT Security industry with a proven ability to lead and deliver multiple projects at one time or a similar delivery management role, including people & vendor management

- Audit & assurance, governance and compliance, ISO 27001, Cyber Governance, Compliance, ITGC Controls and Data Privacy, ICS/ OT Security, Penetration Tests

- Good comm skills is a must , Should have managed large team size

Proficient working knowledge within the following risk domains/ technologies:

- Cloud Security

- Database and application security

- IDS/IPS technologies

- System/Access Administration

- Firewall technologies

- Network Architecture

- Network Security

- Key Management/Tokenization

- Database/Application/Network Layer Secure Protocols

- Physical and Environmental Security

- Secure Software/Code Development

- Change Management

- Vulnerability Management