Business Partner - ORM - IT Security - Banking/Financial Services

Responsibilities

RESPONSIBILITIES:

- IC role with approximate 7-10 years of experience with risk and relevant functional experience of 3+ years.

- Excellent knowledge of IT Security standards and procedures, and Infrastructure security.

- Expertise in maintaining IT Security Risk Framework and its associated controls & reporting

- Proven experience in planning and managing periodic assessments of IT environment.

- Design and implement information systems controls in alignment with the organization's risk appetite and tolerance levels to support business objectives.

- Capable of conducting in-depth security & operational incident analysis, evaluating alert criticality, to validating risk and being able to elaborate on risk identified.

- Ability to handle sensitive matters with discretion and maintain confidentiality

- Manages a Business Line / Business Lines depending on the complexity of the BL

- Responsible for managing the operational risk framework of the assigned Business Line(s) which includes the controls framework (managerial and operational), RCSA process, Incident management, key risk indicators, risk assessments (process transition, data externalization etc), process reviews etc

- Support the Business during internal, external and regulatory audits and ensure that all recommendations are tracked to effective closure

- Manage stakeholder relationship with department heads (BL head's N - 1 ) and global counterparts

- Support continuous improvement initiatives.

EDUCATIONAL QUALIFICATION:

- Preferably B.E./B.Tech

- Professional Experience in Banking/Financial Services operations, ITES organization.

- Certifications - ISO 27001 ISMS LA, ITIL, ISO 31000 Risk Management Implementation, CISSP, CISA, CISM or CRISC

LEADERSHIP SKILLS: - Team Spirit - Commitment - Responsibility - Innovation -

KEY SKILLS: Excel, Word, PowerPoint

a) Excellent knowledge of IT Security standards and procedures, and Infrastructure security.

b) Expertise in maintaining IT Security Risk Framework and its associated controls & reporting

b) Proven experience in planning and managing periodic assessments of IT environment.

c) Design and implement information systems controls in alignment with the organization's risk appetite and tolerance levels to support business objectives.

c) Capable of conducting in-depth security & operational incident analysis, evaluating alert criticality, to validating risk and being able to elaborate on risk identified.

d) Ability to handle sensitive matters with discretion and maintain confidentiality