Information Security Specialist, AVP

Job Description

Job Description: Job Title: Information Security Specialist Corporate Title: AVP Location: Bangalore, India Role Description The TDI CSO Embedded Risk Team (ERT) is a global team whose footprint extends to the US, UK, India, and Europe. There are currently 15 members spread across these locations. The ERT is split into three main groups 1) internal and statutory Audit Coordination, 2) Finding Management Governance and 3) Information Security Risk Management. All of them perform the same function with the only difference being that statutory Audit Coordination is an external facing function (External Auditors) while all others face off to Internal Audit, other TDI ERT teams, Divisional CISOs and Divisional ISOs, ITAOs across the bank, 2nd Line Risk Type Controller, Group COO Central Approval Function and others. The teams main objective is to support, manage and monitor all aspects of Risk and Control impacting the TDI CSO division and the main responsibility is to ensure TDI CSO is fully compliant with the Finding Management procedure and all relevant 2nd line minimum control standards in relation to Information Security Risk and Physical Security Risk. Your key responsibilities Information Security is responsible for preventing IT-based crime, hacking, intentional or inadvertent modification, disclosure, or destruction to the organization's information systems and IT assets and intellectual property. The focus of the role is to ensure highly professional and productive procedures, policies and processes are in place, and aligned and agreed with relevant stakeholders. In the role as Information Security Specialist within TDI CSO ERT the main objective is to drive Information Security risk towards within tolerance in line with the Security Strategy. The main responsibilities are: work closely with colleagues from all 3LoDs around the world to identify, analyze and address existing information security risks use existing process to link all Information Security Risk Findings to Controls to identify deficiency or gap themes and that those are addressed from a one bank control perspective be first contact to follow up on ISR Control linkage exceptions Prepare, create, and present regular CSO internal reports and status updates to Senior Management, and key working groups Your skills and experience Educated Bachelor's degree level or equivalent qualification / work experience in auditing and enterprise risk management especially Information Security Risk Management (Risk Management for 3-5 years and or available Information Security certificates CISM/CISA) Understanding of ISO 27001 Framework and Controls Project Management / Risk experience paired with excellent analytical skill to ensure strong governance across various locations and products considering implemented risk management models Ability to monitor, track and clearly communicate progress, and escalating issues when appropriate Very good communication skills with the ability to work independently as well as with other team members and functions in global teams across different time zones Pay attention to details spotting unusual activities and being able to collaborate with ITAOs, Management and other ERTs Excellent knowledge of MS Office standard applications and fluent in English (written/verbal)