Dear Candidate ,
Roles and Responsibilities
You will be responsible for establishing and maintaining the enterprise vision, strategy, and program to ensure that information assets and technologies are adequately protected. You will be identifying, developing, implementing, and maintaining processes across the enterprise to reduce information technology (IT) risks. You will respond to incidents, establish appropriate standards and controls, manage security technologies, and implement policies and procedures.
Key Responsibilities
Defining, scoping, creation & execution of IT & data security standards and strategies and measure adherence.
Firewall settings, WAF, security settings across tech stack, hardening and patching compliances and other Information Security Activities
Best Practices implementation for User Access Review for all application
Preparing, reviewing, updating, evidence management of all IT security related policies and procedures.
Enhancing the reliability and security of the IT systems, internal IT communication channels, projects, and underlying data.
Accountable for vulnerability assessment and IT Security Audits. Closure of all the observations
Ensure compliance with any related legislation, such as the Data Protection Act, ISO standards or relevant government regulations.
Manage incidents related to information security.
Best Practices in conducting the 3rd party vendor audit on Data and Information Security.
IT Security Awareness Programs. Oversee staff training in all the latest security awareness skills, check associated protocols, methodologies and procedures are implemented.
Strong Interpersonal skills. Ability to communicate clearly at all levels.
Good knowledge of IT Infrastructure and design.
Minimum Qualification
Bachelors or master degree in related technical field
10-15 years of experience in the field of security covering the key responsibilities listed above
Good knowledge of relevant standards such as ISO 27001 / SOC2
Good to have
Certifications such as CISM / CISSP / CRISC
Good understanding of current legislations and regulations pertaining to the financial sector including IRDAI standards & audit terminologies.