Reporting Structure |
Reports to Head – Security Engineering |
Education | University degree in the field of computer science or IT. |
Experience/ Qualifications | - A minimum of 6 years of IT experience with 3 years in information / cyber security risk management
- Hands-on experience in implementing ISO 27001 or PCI – DSS programs
- Structured project management experience in deploying security-related initiatives
- Excellent oral and written communication skills
|
Industry | Financial Domain experience is desirable |
Responsibilities | - Establish procedures for identification and classification of information assets
- Understand the existing business processes and technology used to ensure that the business is in compliance with regulatory requirements
- Determine organizational information security requirements based on industry standards and regulatory requirements (like ISO 27001, PCI-DSS, etc)
- Develop information security policies, standards, processes and procedures
- Conduct information security risk assessment associated with various key assets of the organization
- Communicate and present concisely and effectively across various levels of stakeholders
- Advises management of critical issues that may affect the risk posture of the organizational information assets
- Establish positive working relationship with various teams across the organization
- Generate innovative ideas for achieving the objectives
- Demonstrate leadership and problem solving skills
|
Certifications (any one) | |
