Job
Description
About The Role :
Job TitleTechnical Information Security Officer (TISO)
Corporate TitleAssistant Vice President
LocationPune, India
Role Description
At the Service, Solutions and AI Domain, our mission is to revolutionize our Private Bank process landscape by implementing holistic, front-to-back process automation. We are committed to enhancing efficiency, agility, and innovation, with a keen focus on aligning every step of our process with the customers needs and expectations. Our dedication extends to driving innovative technologies, such as AI & workflow services, to foster continuous improvement. We aim to deliver best in class solutions across products, channels, brands, and regions, thereby transforming the way we serve our customers and setting new benchmarks in the industry.A Technical Information Security Officer (TISO) is responsible for ensuring the security of assigned IT assets, including application software, databases, infrastructure, and outsourced IT services. The TISO conducts risk and compliance assessments, provides guidance on security requirements, approves access control setups, and ensures the implementation of necessary security controls. They collaborate with key role holders to develop secure environments, perform risk assessments, and document risk management activities. Additionally, the TISO influences IT risk policies and standards, ensuring compliance and mitigating potential security risks.
What well offer you
As part of our flexible scheme, here are just some of the benefits that youll enjoy,Best in class leave policy.Gender neutral parental leaves100% reimbursement under childcare assistance benefit (gender neutral)Sponsorship for Industry relevant certifications and educationEmployee Assistance Program for you and your family membersComprehensive Hospitalization Insurance for you and your dependentsAccident and Term life InsuranceComplementary Health screening for 35 yrs. and above
Your key responsibilities
As a Technical Information Security Officer (TISO), you will be entrusted with a critical role in ensuring the security of our IT assets. Your key responsibilities include:
Ownership and Risk ManagementAssume ownership of assigned IT assets, including application software, databases, infrastructure, and outsourced IT services. Conduct comprehensive risk and compliance assessments to ensure security measures are in place.
Guidance and ImplementationProvide expert guidance to IT Asset Owners (ITAOs) and Information Security Officers (ISOs) on security requirements and the implementation of compensating controls. Ensure security is integrated early in the system development life cycle.
Access Control and AuthorizationApprove access control setups and user authorization for assigned IT assets. Perform periodic recertification of access rights in compliance with organizational policies.
Security ControlsEnsure the implementation of necessary information security controls. Influence and provide feedback on IT risk and control-related policies and standards. Design and oversee the implementation of security measures.
Collaboration and CoordinationWork closely with ITAOs and other ISO role to establish monitoring capabilities for IT assets. Review monitoring outputs to maintain the required security level and advise on remediation of gaps.
Incident ManagementContribute to the Information Security Incident Management Process in case of security breaches for assigned IT assets.
Documentation and ComplianceMaintain thorough documentation of information security risk management activities, including major decisions, identified risks, and mitigation measures. Ensure compliance with internal policies and standards.
Escalation and Conflict ResolutionServe as the first point of escalation and conflict resolution, both internally and with external parties such as regulators.
Regulatory AwarenessPre-empt changes in the legal and regulatory environment and advise senior management on potential impacts. Oversee the performance and quality assurance of assessment executions for audits and regulatory compliance.
Senior Management SupportEnsure appropriate senior management awareness and oversight to follow up on action items and resolve identified issues.
Cloud SecurityImplement and manage security measures for cloud-based services and infrastructure to protect organizational data and assets.
OSS Vulnerability ManagementIdentify, assess, and mitigate vulnerabilities in open-source software (OSS) to ensure the security and integrity of IT assets.
Ethical AIEnsure the secure and responsible use of AI technologies within the organization, adhering to ethical AI practices.By fulfilling these responsibilities, you will help maintain the security and integrity of our organization's IT assets, ensuring compliance and mitigating potential security risks.
Your skills and experience
To excel as a Technical Information Security Officer (TISO), you should possess the following skills and experience:
Technical ExpertiseStrong technical knowledge of information security principles, practices, and technologies.
AI and Ethical AIProficiency in AI technologies and ethical AI practices, ensuring the secure and responsible use of AI within the organization.
Cloud SecurityExpertise in cloud security, including the implementation and management of security measures for cloud-based services and infrastructure.
OSS Vulnerability ManagementExperience in identifying, assessing, and mitigating vulnerabilities in open-source software (OSS) to ensure the security and integrity of the organization's IT assets.
Analytical SkillsAbility to conduct thorough risk assessments and develop effective solutions for complex security issues.
Communication SkillsExcellent communication skills to effectively convey security information to both technical and non-technical stakeholders.
Continuous LearningCommitment to staying updated with the latest information security trends, technologies, and best practices.
Educational BackgroundA bachelor's degree in Information Security, Computer Science, Information Technology, or a related field is typically required. An advanced degree can be advantageous.
Professional ExperienceSeveral years of professional experience in information security or a related field, with experience in roles such as Information Security Analyst, Security Engineer, or similar positions.
CertificationsRelevant certifications such as CISSP (Certified Information Systems Security Professional), CISM (Certified Information Security Manager), or CEH (Certified Ethical Hacker).
Teamwork and InitiativeExcellent communication skills, strong independence and initiative, ability to work in agile delivery teams, and good experience in working with distributed teams, especially in Germany and India.
Cyber Security and CryptographyStrong experience and knowledge in cybersecurity, cryptography, and encryption/decryption solutions.
Configuration SkillsProficiency in configuring TLS/SSL, PKI, ACLs, and API security.
Platform and Database KnowledgeExperience with Windows, Unix, Linux platforms, and Oracle & SQL databases.By bringing these skills and experiences to the role, you will contribute significantly to maintaining the security and integrity of our organization's IT assets, ensuring compliance, and mitigating potential security risks.
Training and development to help you excel in your career.Coaching and support from experts in your team.A culture of continuous learning to aid progression.A range of flexible benefits that you can tailor to suit your needs.
We strive for a culture in which we are empowered to excel together every day. This includes acting responsibly, thinking commercially, taking initiative and working collaboratively.
