JOB DESCRIPTION
POSITION NAME
Information Security Manager
DEPARTMENT
Information Security
REPORTING POSITION
CISO
OBJECTIVE OF THE ROLE
To manage the Information Security Governance, Risk and Compliance Management Program to ensure:
· Compliance with Regulatory Requirements
· Proactively identifying & providing InfoSec Risks for new Business Requests
· Effectively driving and governing the Information & Cyber Security Program to monitor continuous improvements
KEY RESPONSIBILITIES
· Definition and Revision of Information and Cyber Security Policies, Processes, Standards & Guidelines
· Building & Maintaining Risk Management Program
· Managing Vendor Risk Management Program
· Building and Governance of Information and Cyber Security Assurance Program
· Managing Internal & External Audits and compliance activities
· Handling user requests to proactively identify and provide InfoSec requirements at the initial stage of activity / project (e.g. vendor engagements, confidential data requests, risk assessment, etc.)
· Management of Exception Handling Process
· Guide stakeholders for remediation of Information Security observations
· Definition of SOPs / Manuals for Information Security activities
· Identify new initiatives, security controls (technical / procedural) improvement areas in InfoSec Program
· Conduct POCs for new Security Solutions, implementation of new Security Practices / Processes / Controls across the organization
· Ensure compliance with Information Security Policies & Processes
· Ensure the Team is always audit / compliance ready
· Development & Implementation of User Awareness Program
· Supporting CISO to conduct Information Security Committee Meetings
· Work as a Subject Matter Expert for CISO
· Manage outsourced resources & develop skilled team resources
· Adequate knowledge of VAPT, application security and other security testing
INTERACTIONS
Internal Relations:
IT, Legal & Compliance, PARM, Business Teams, Internal Auditors
External Relations:
Information Security Service Providers / Vendors
IT / Business Team Vendors
Auditors
REQUIRED QUALIFICATION AND SKILLS
Educational Qualifications:
B.E. / B. Tech
Work Experience:
4 to 8 Years of relevant experience in Information Security Activities
Certifications:
CCNA, MCSA, CEH, ISO27001, CISM, CISA, CISSP, etc. (good to have)
Other skill set:
· Should have good technical knowledge of various platforms / technologies and security controls
· Experience of successfully managing and delivering IT risk and controls assessments
· Should have technical, analytical and problem-solving skills in order to assess requirements, identify potential risks and mitigating security controls, and document residual risk
· Should have good Governance Skills
· Should have good knowledge of ISO27001, IRDA, IT Act, Data Privacy Law & other regulatory requirements
· Experience in implementing regulatory / compliance / policy requirements and ensuring compliance
· Experience in conducting classroom user awareness sessions
· Managing the assigned resources with effective delegation
· Should have Team and Vendor Management Experience
· Should have good communication skills to clearly communicate requirements to technical and non-technical stakeholders from across the business and all levels of seniority