ISS:IS Security Team

About Information Systems Security:

Information Systems Security (ISS) team ensures that Cyber Security Risk and Threats are managed through an risk management framework comprising of Information Systems Security Policies, Standards and Guidelines. The bank's Information Security & Cyber Security Policy and Standards based on various regulatory requirements / guidelines from RBI Gopalkrishna report, cyber security framework, NPCI, IT Act, MAS, HKMA, Aadhar etc., International regulations and standards such MAS, HKMA, PCI-DSS etc. The policies and standards approved by the Board of Directors encompassing independent identification, measurement and management of risks across the various businesses of the Bank. All compliance related requirements emanating from various regulators and stipulations like legal, regulatory and other standards adopted by the bank are periodically communicated to various stakeholders by way of circulars, office notes, workshops, etc. The bank has developed a comprehensive set of metrics like key performance indicators and key risk indicators for review by Business units, Subsidiaries and Top Management on a regular basis. Quarterly monitoring and reviews are undertaken by the top management for review and necessary action.

About the role:

The Security Team serves as a subject matter expert for governance and compliance frameworks and regulations, policy development, Identify and monitor non- compliance and escalate when appropriate, Act as the champion for achievement of GRC capabilities, Manage monthly, Quarterly Information Security KRI, Develop, implement, and manage policies specific to GRC capabilities.

Key Responsibilities:

• Serve as SME for complying to Regulatory Compliance requirements like ISO-27001, PCI-DSS, RBI Guidelines, SOX
• Contribute to Corporate Security thought leadership in the Governance, Risk and Compliance space
• Liaise with External Auditors (RBI Inspectors, Statutory Auditors, SOX Auditors, ISO 27001 Auditors,PCI-DSS ) as needed
• Work Closely with Chief Information Security Officer and other stakeholders Security Governance and Management
• Work Closely with Chief Information Security Officer and other stakeholders
• Responsible for security governance and management

Qualifications:

Optimal qualification for success on the job is:

• Bachelor's degree, preferred in Computer Science
• 3 to 5 Years of Experience

Role Proficiencies:

For successful execution of the job, the candidate should possess the following:

• Professionally handle confidential matters and demonstrate appropriate level of judgment and maturity
• Communicate appropriate risk and gap information to the organization's stakeholders.
• Maintain and track all the risk and gaps for reporting and records.
• Liaise with Auditors (Internal / External) and Information Security Group.
• Develop and implement policies, standards and procedures to ensure that all identified risks and deficiencies are managed within the organization's risk appetite.

#ComeAsYouAre We are dil se open. Women, LGBTQIA+ and PwD candidates of all ages are encouraged to apply