|
Reporting Structure
|
|
Reports to Head – Security Engineering
|
|
Education
|
University degree in the field of computer science or IT.
|
|
Experience/ Qualifications
|
- A minimum of 6 years of IT experience with 3 years in information / cyber security risk management
- Hands-on experience in implementing ISO 27001 or PCI – DSS programs
- Structured project management experience in deploying security-related initiatives
- Excellent oral and written communication skills
|
|
Industry
|
Financial Domain experience is desirable
|
|
Responsibilities
|
- Establish procedures for identification and classification of information assets
- Understand the existing business processes and technology used to ensure that the business is in compliance with regulatory requirements
- Determine organizational information security requirements based on industry standards and regulatory requirements (like ISO 27001, PCI-DSS, etc)
- Develop information security policies, standards, processes and procedures
- Conduct information security risk assessment associated with various key assets of the organization
- Communicate and present concisely and effectively across various levels of stakeholders
- Advises management of critical issues that may affect the risk posture of the organizational information assets
- Establish positive working relationship with various teams across the organization
- Generate innovative ideas for achieving the objectives
- Demonstrate leadership and problem solving skills
|
|
Certifications (any one)
|
|
