Skills & Competencies: Subject knowledge (Information security, Cyber Security, Data Privacy) Security Analysis, Network Security, Good understanding of technology (IT certification preferred)
Min. Educational Qualification: Graduation (Preferably Computer Science, Cyber Security, Information Technology etc.)
Relevant Work-experience: 5 to 6 years of Information Security experience, 2 years min. information security in BFSI Insurance, preferred
Location - Goregaon
Level - IL4 Upper
Certifications: OSCP, CEH, CISSP, CISA, CISM, ISO 27001:2013 LA
Job Description:
Be responsible for setting IS Standards, Checklist, Guidelines such as:
- IS guidelines and any supporting templates;
- Standards for Technology Risk Assessments (TRA) for any process / technology change or new technology sourcing
- Manage internal / third party Ethical hacking / Vulnerability Assessment / Penetration Testing, Red Team assessment activities etc.
- Methodology / checklist for performing the TRA and approval matrix based on the results of the TRA BCP / DR standards including methodology for conducting Risk Assessment (RA) and Business Impact Analysis (BIA)
- Application security and Vendor risk assessment standards
- IS related trainings standards including frequency for IS related trainings for employees / contractors and the IT / IS teams
- Security testing baselines for conducting Vulnerability Assessment and Penetration Testing of IT systems (infrastructure and applications) including mandating the use of internal and external vendors based on asset classification
- Liaising with the business teams to define the roles within each application under their purview depending upon the business requirements
- Shall review the training / skill set requirements for the SOC / LAM / DLP teams
- Manage Information Security Projects/assessments etc
- Perform daily InfoSec operational activities like FnF Clearance, approvals etc.
- Conduct or participate Cyber security drill as per the requirement
- Assign detailed responsibilities and action steps to manage cyber crisis
- Identify the active risks along with the threat vectors related to cyber crisis
- Support response and investigation activities related to the cyber crisis
- Review regulatory impact and compliance obligations
- All other tasks/activities/projects etc. delegated by Chief Risk Officer (CRO) / Chief Information Security Officer (CISO)
Didn’t find the job appropriate? Report this Job
Download the iimjobs app to
apply for jobs anywhere, anytime
Download on
App Store
Get it on
Google Play
Scan to Download