Information Security Manager

ROLES AND RESPONSIBILITIES:

• Review and update of the information asset register in accordance with RBI, SEBI, IRDAI, UIDAI, IT Outsourcing, Data Localization and ISO 27001:2013 requirements
• Responsible for managing, tracking, update and monitor all regulatory requirements.
• Review the classification levels of data, maintaining the risk register and tracking.
• Crete and managing the KRI matrix and thresholds as per compliance, technology, policy and process
• Conduct Data privacy or PII reviews with the intra-department for PII protection for customers and employees
• Conduct policy and process risk assessment of vendors, while onboarding, evaluating and to monitor, and maintaining the same.
• Assist in IT security product & services risk assessment during evaluation and procurement.
• Track the annual review, changes of all policies and procedures, draft and update/consolidate policy documents as needed.
• Assist in preparing decks/updates for committee meetings and other management review decks.
• Review the reports and alerts and ensure to close with service groups
• Access Control Reviews for cloud, application and infrastructure.
• Comprehensive risk assessment and control testing to be carried out annually and sustained.
• Assist in conducting the various simulations and campaigns for awareness and measure the effectiveness
• Assist in Information security projects implementation
• Conduct access control, change management and other process-level reviews
• Timely escalation to the right stakeholder, if any deliverable is at risk.
• Working closely with IT and other business functions of the organization for IS assessments and various risk review activities.

SKILLS AND QUALIFICATIONS:

1. ISMS implementation, policy & procedure
2. Risk analysis and assessments
3. Conceptual knowledge of infrastructure technology and services e.g Server infrastructure, development, Firewalls, NAC, Router etc.
4. Proactive and ability to handle business functions independently
5. Understanding of business processes across all functions.
6. 8+ Experience in ISMS and in ISO 27001
7. CISA & ISO 27001 Certification

SPECIFICATIONS: QUALIFICATIONS, EXPERIENCE, & COMPETENCIES:

Minimum Qualifications:

• Graduate

Minimum Experience:

• 6-8 Years

Skills Required:

• Result-oriented & Persistent
• Analytical/planning/Detail Orientation