Director Information Security - Expense Management Company
Posted on :
23-08-2024
Employer Active
1 Vacancy
Job Alert
You will be updated with latest job alerts via emailValid email field required
Send jobs
Share
Send me jobs like this
Job Alert
You will be updated with latest job alerts via emailValid email field required
Send jobs
Job Description
Preferred Certifications:
CISSP
CCSP
CISM
Roles & Responsibilities
Ensure effective functioning of the Information Security function managing policies & procedures hardening of infrastructure and SDLC processes
Develop and maintain an information security strategy and roadmap aligned with organizational goals and industry best practices. Manage the Information Security Annual Operating Plan and budget and ensure adequate resources are allocated to support the function
Drive external regulatory compliances and audits
Drive adherence to Advisories Circulars CertIn compliance and audits conducted by RBI.
Develop and manage the security incident response plan and ensure it is regularly tested and updated
Conduct regular risk assessments and vulnerability assessments to identify potential security risks and develop and execute plans to mitigate these risks.
Collaborate with other functional areas of the organization including legal engineering IT and operations to ensure that security requirements are integrated into business processes and systems
Drive support for GTM teams in sales lifecycles and craft a narrative to convert opportunities into a win
Build and own relationships with CISO teams with partner banks and NBFCs.
Serve as a subject matter expert on information security matters and provide guidance and recommendations to senior management and other stakeholders
Skills :
A good working knowledge of Information Security including ISO 27001/PCIDSS and related Information Security Management Experience / Certification in review/audit or implementation of security architectures.
Knowledge of GDPR DPDPA their business implications and the merits of various technical approaches.
Knowledge of Data Centre cloud architecture (AWS preferred) endpoint management and security technologies (SIEM DLP etc.).
Exposure to Security Governance Standards Business Continuity Planning Enterprise Risk Management Information security incident Response and security compliance audits
Strong understanding of Information Security including threats attacks and vulnerability management
Understanding of Zero Trust concepts and architectures
Understanding of privacy by design
Deep expertise in Microservices CI/CD builds DevOps InfrastructureasCode TestDriven Development (TDD) DevSecOps and similar solutions & methodologies
Ability to articulate complex technology & risk management concepts to senior executives clearly and accurately portraying real risks and threats to the organization
Exposure to Platform Security Data Security Network Security Cloud Security Physical Security Security Assessment Tools including SAST DAST and SCA Security Monitoring Tools and Managed Security Services
Excellent verbal and written communication skills including the ability to explain technical contractual aspects to associates both technical and nontechnical
Ability to build configure test and implement Cyber Security solutions
Ability to consistently execute against tight deadlines with incomplete or ambiguous information in rapidly changing environments around data protection and privacy.
Prior experience in managing RBI and bank audits
security,information security,cissp,ccsp,certified information security manager (cism),iso 27001,pci dss compliance,gdpr compliance,aws,siem,dlp,information security governance
Employment Type
Full Time
Key Skills
Report This Job
Disclaimer: Drjobpro.com is only a platform that connects job seekers and employers. Applicants are advised to conduct their own independent research into the credentials of the prospective employer.We always make certain that our clients do not endorse any request for money payments, thus we advise against sharing any personal or bank-related information with any third party. If you suspect fraud or malpractice, please contact us via contact us page.
