Exp: 12 - 15 years
CTC: 30 - 40 LPA
The candidate should have prior experience in and/or be certified in Information/Cyber Security by a recognized agency.
The Information Security role is responsible for identifying, assessing, and appropriately managing risks. This includes leading IT security and driving the IT security strategy and implementation forward whilst protecting the bank from security threats and cyber-hacking. It also includes proactively monitoring and assessing the IT infrastructure/applications to ensure that the availability, integrity and security of IT systems are maintained.
• Develop and maintain IS policy, standards, procedures and guidelines to support the organization’s information security program
• Ensure that the information security governance framework is supported by an information security assurance programme (Implementation Plan). Ensure translation of the information security program into specific actions which shall include awareness, security infrastructure, security incident response and risk management. Provide advice and support to management and information users in the implementation of Information and Cyber Security Policy.
• Responsible for highlighting vulnerabilities and cyber security risks to the board and IT committees
• Manage and monitor Security Operations Centre (SOC) and drive enterprise-level cyber security related projects
• Develop cyber security risk indicators and performance indicators
• Formulate cyber security contingency plans and coordinate incident response
• Participate in internal and external audits, and in liaison with regulatory and market bodies
• Have insight into the entire business IT framework including all software and hardware platforms. Review all servers and databases and analyse the IT systems to determine IT control weaknesses and risks. Participate in reviews of internal controls and security of systems under development as well as major IT projects and initiatives.
• Monitor IT systems to ensure they follow policies and practices. Evaluate technology, manage staff, identify controls, and keep records. Ensure that IT staff have a fair understanding of auditing procedures and the necessary independence to conduct their own investigations.
• Help construct the audit plan and scope and execute it during the year. Work in conjunction with financial or other specialist auditors, as and when required.
A bachelor’s degree in computer science with systems and network management experience is the minimum requirement for this position.
As this job role is to span across the entire Group IT systems across all regions and countries, it is expected The complexity and importance of the job means that employers may prefer to recruit managers with higher qualifications, such as a master of business administration in information systems. The candidate should have prior experience in and/or be certified in Information/Cyber Security by a recognized agency.
- The candidate must have a strong background in information technology with a clear understanding of the challenges of information security.
- The candidate must have excellent analytical and problem-solving abilities to identify and fix security risks.
- The candidate must have the ability to build understanding and awareness of security issues throughout the organization, hence must have excellent communication and presentation skills.