Leadership Role - Information Security

Pylon Management consulting
  • Mumbai
  • 25-40 lakh
  • 13-16 years
  • 17 Aug 2018

  • Others

  • Banking - Retail
Job Description

The Information Security Officer's (ISO) primary function is to enable businesses to innovate and to optimize their offering while continuing to maintain an adequate level of Information Security across the 3 domains - People, Process, and Technology. As the Candidate will be responsible for the India franchise, the division will have overall responsibility to ensure adherence to all corporate and regulatory requirements w.r.t. Information Security Compliance.

Roles and Responsibilities:

Business / Department Objectives:

The Information Security Officer's (ISO) primary function is to enable businesses to innovate and to optimize their offering while continuing to maintain an adequate level of Information Security across the 3 domains - People, Process, and Technology.

Core Responsibilities:

  • Educates and advises the business on safe IS practices and current, changing, and/or recommended IS requirements
  • Plans and executes the IS strategy
  • Provides periodic IS risk management reports highlighting key issues and corrective action plans
  • Coordinates IS activities with business plans
  • Articulates the value of IS controls and their bottom-line impact
  • Seeks opportunities to enhance the efficiency of policies and procedures
  • Partners with business coordinators in other disciplines, e.g. MCA, CoB, Records Management, Fraud Management, etc.
  • Reviews IS action plans with management and monitors implementation of approved plans
  • Leverages the ISO network to pool resources, seek out best practices, and create efficiencies
  • Monitors various IS programs & KPI / KRI, ensuring that issues are addressed in a timely manner
  • Manages risk by analyzing the root cause of issues, impact to business, and required corrective actions by leveraging analytical skills
  • Guides the business to ensure that IS risks, controls, and tests are embedded in the IS component of MCA

Day-to-day responsibilities:

  • Responsible for managing Information Security Risk for the businesses in the India franchise
  • Work with multiple senior managers in-country, in the region and globally, to define and to implement a strategy for measuring, mitigating and managing risk
  • Engage with the senior management to identify IS risks and ensure that they are understood, and that appropriate controls are built to support the Business in meeting its objectives of increased revenue and lowered expense without compromising on risk
  • Innovate, create and leverage best practices to implement a world-class Information Security Program that supports the Business
  • Implement Regional and Global IS programs to manage risk suitably
  • Ensure that the quality of controls can be validated without exceptions in any audit
  • Build a strong team of information security coordinators with the business, and coach and develop them professionally
  • Manage training and awareness programs to improve adherence by all employees in the organization
  • Respond to and manage Security Incidents so that corrective actions and preventive actions are implemented to protect the Business and the Customers from imminent loss of information or value
  • Manage escalations appropriately
  • Build on the Information Security network for professionals across the spectrum (e.g. industry peers, colleagues, regulators etc.) and help/support the VISO program and the company's Intelligence-led approach to managing Cyber and Information Security

Financial / Budgetary: While there are no direct revenue-related responsibilities, the incumbent does need to ensure that the unit budgets are managed within targets and any potential risks are escalated well in time.

Individual Contributor (IC) / Managerial: IC

Key Deliverables:

  • Ensure compliance to the Company's Information Security Standards
  • Ensure a high standard on compliance & controls
  • Ensure Product reviews and decisions are taken to ensure compliance to regulatory / corporate guidelines
  • Serve as the primary contact for any regulatory and audit requirements

Qualifications

Education: Bachelor's degree in Computers, Telecom or IT Stream (Preferred)

Experience:

  • Min. 8 years of work-ex in related field in Banking (Preferred)
  • 8+ years' experience in IS and at least 2 IS programs including, but not limited to, Audit Reviews, IS Risk Assessment, Awareness & Training, Identity Access & Management, Data Protection, Incident Management, Vulnerability Assessment
  • Knowledge of key government regulations and local laws
  • Other Risk Management activities should be as Sector or business IS SME or some risk management role

Certifications: CISSP; or CISA; or CISM

Skills:

  • Excellent consulting and problem-solving skills
  • Able to convey ideas to senior management and staff
  • Advanced technical knowledge
  • In-depth knowledge of IS programs
  • Advanced presentation skills, program management, and relationship management skills
  • Able to work with senior business management to implement IS strategy


Job Posted By

Sourav Singh Digari
Staffing Specialist

About Organisation

Pylon Management consulting