
Chief Information Security Officer - SIPL

3 - 8 years

20 - 25 Lacs

Posted: 5 hours ago | Platform: Naukri


Work Mode

Work from Office

Job Type

Full Time

Job Description


The key objective of this role is to ensure that processes across IT operate securely. The remit extends across all aspects of IT security (i.e. policies and procedures, authorization and administration of accesses, networks and firewalls, servers and workstations, operating systems, databases and applications), wherever applicable, and covers all IT teams and usage of the IT platform by other departments. Another key objective is to ensure that IT maintains an appropriate level of security in compliance with company policy and requirements from regulatory & market authorities and in accordance with recommendations from General Inspection, Compliance, Internal Audit and External Auditors. This role also contributes to the design, testing and roll-out of security controls such as access management, exception management, data leakage prevention, etc. in accordance with established regional processes.

Responsibilities


Direct Responsibilities


1. IT Risk Management

- Inform APAC IT Security Risk Management team about any new projects or major change within India for further risk assessment.
- Ensure risk assessment on the in-scope projects, third-party vendors and the deviation of policies & best practice is properly conducted. Ensure the recommendation issued for projects and security exceptions / risk acceptances are properly followed up.
- To translate policy statements into local guidelines and procedures in order to produce enforceable actions
- To enforce an efficient user account management process in order to authorize and control users' accesses and habilitations to IT Systems
- To monitor and ensure immediate and accurate reporting of any SIPL IT Security related incident (intrusion, virus, etc.) to the regional & global IT Security and Incident Management processes.
- To be part of the network rules review and recertification process, by reviewing and approving all network access requests (including firewall, proxy and SMTP requests), and perform periodical review.
- To work in partnership with the Business Lines, Organization & Methods, Information Systems, and others to draw up measures for implementing the Company's Information Systems Security Directives. Especially to participate in all projects in order to ensure respect of good IT Security practices
- To occasionally participate in regional security risk assessment activity of business line applications
- To work with different stakeholders and assist India CIO to implement the IT risk management framework
- To conduct necessary security controls, reviews, assessment to ensure the best security practice is in place.

2. IT Security Control Design, Testing and Implementation

- To gather control requirements based on regulatory guidelines and business needs
- To assist in the design of local and business-specific security controls
- To contribute to the processing of day-to-day security events, leading or supporting security investigations and escalation to relevant stakeholders (Business, Compliance, Legal, HR, IT)
- To maintain exception management workflows and to track local exceptions and their recertification
- To produce periodic KPI and KRI dashboards and distribute them to local management

3. Coordination & Cooperation

- To actively coordinate and cooperate with other IT and APAC Security teams to ensure best IT Security practices, deliveries and a smooth interaction
- To work closely with IT Infrastructure & Production team, as well as Business Lines IT teams for closure of non-compliant issues found within scope of responsibility
- To assist the production & follow up of Security Dashboard by APAC Security
- To maintain an IT Security Awareness training program towards all local employees
- To assist SIPL COO/CIO for the production of required and requested reporting to the local regulatory & market authorities
- To answer requests raised by Internal Audit and Risk and to promptly close findings and recommendations

4. Team management

- As team head, to supervise and lead the SIPL information security team:
  - Ensure the team's mandated learnings (eLearning, classroom training) are completed before due date
  - Ensure block leave and carryover leave are managed per policy
  - Ensure timesheets are recorded in Clarity
  - Identify development and training plan for the team
  - Create succession plan and backup plan for the team
  - When necessary, manage low performers with development plans and keep track of the progress (if applicable)

5. Permanent Control Aspects

- Direct contribution to BNPP operational permanent control framework.
- Responsible for the implementation of operational permanent control policies and procedures in day-to-day business activities, such as Control Plan
- Responsible for ensuring team members (if applicable) comply with regulatory requirements and internal guidelines.
- Responsible for reporting all incidents according to the Incident Management System
- Responsible for ensuring job descriptions are written, distributed and updated
- Ensure audit recommendations are resolved within the specific timeline.

Contributing Responsibilities


1. Cooperation

- To improve IT quality and process generally

2. Compliance & Control

- Comply with the BNPP IT Security policies
- Comply with the BNPP standards of Code of Conduct
- Comply with regulatory requirements and internal guidelines.
- Ensuring appropriate escalation to management and/or Permanent Control (or Compliance as appropriate) as soon as an issue is identified
- Minimizing operational failure, including but not exclusively, the risk of fraud, by helping to devise, and by implementing, sufficient regular controls

3. Committees

- Participate and contribute to different committees related to the job scope, including but not limited to IT management, IT risk management (TRM), country supplier risk management, data governance, data protection, local outsourcing management, etc.

Technical & Behavioral Competencies

- To be knowledgeable of IT Security concepts.
- To know IT Security regional roadmap.
- To maintain a good knowledge of the technologies, systems, integration and workflows of the IT Security program.
- To know the organization of global IT Security, as well as regional Security, who to action depending on the matter and to maintain good relationships with IT Security managers.
- To know program management methodology.
- To know how to define an action plan and to follow up on progress.
- To be organized and meticulous.
- To know how to communicate clear instructions and follow up while delegating appropriately.
- Negotiation skills.

Specific Qualifications (if required)

- Securities practitioner qualification is a must;
- Strong local regulatory experience on SEBI is required
- Bachelor's degree in Computer Science, Information Security or equivalent experience
- Holder of information security and risk management certification (e.g. CISM, CISSP, etc.) preferred

Skills Referential

Behavioural Skills: (Please select up to 4 skills)

- Ability to collaborate / Teamwork
- Communication skills - oral & written
- Decision Making
- Personal Impact / Ability to influence

Transversal Skills: (Please select up to 5 skills)

- Ability to understand, explain and support change
- Ability to manage a project
- Ability to develop and adapt a process
- Ability to inspire others & generate people's commitment
- Ability to manage / facilitate a meeting, seminar, committee, training

Education Level: Bachelor Degree or equivalent (3 years)

Experience Level: At least 7 years

Other/Specific Qualifications (if required)

-

BNP Paribas

Banking

Paris London
