Reporting Structure

Reports to Head – Security Engineering

Education

University degree in the field of computer science or IT.

Experience/ Qualifications

• A minimum of 6 years of IT experience with 3 years in information / cyber security risk management
• Hands-on experience in implementing ISO 27001 or PCI – DSS programs
• Structured project management experience in deploying security-related initiatives
• Excellent oral and written communication skills

Industry

Financial Domain experience is desirable

Responsibilities

• Establish procedures for identification and classification of information assets
• Understand the existing business processes and technology used to ensure that the business is in compliance with regulatory requirements
• Determine organizational information security requirements based on industry standards and regulatory requirements (like ISO 27001, PCI-DSS, etc)
• Develop information security policies, standards, processes and procedures
• Conduct information security risk assessment associated with various key assets of the organization
• Communicate and present concisely and effectively across various levels of stakeholders
• Advises management of critical issues that may affect the risk posture of the organizational information assets
• Establish positive working relationship with various teams across the organization
• Generate innovative ideas for achieving the objectives
• Demonstrate leadership and problem solving skills

Certifications (any one)

• ISO 27001
• PCI DSS
• CISSP