Manager - Information Security - NSE/BSE/SEBI/RBI/Exchange

Main responsibilities is to understand the circulars coming from all govt agencies (NSE / BSE / SEBI / RBI / Exchange) and implement those changes.

The missions of the IT SECURITY MANAGER covers all or part of the three major security activities for his (her) area:

1. Information Systems (IT) security

2. Cybersecurity

3. Data Security

The missions of the IT SECURITY MANAGER extend to the India territory (with a few minor exceptions), in accordance with the policy defined:

4. Take part in Implementing the Global Security strategy

5. Perform management of Global Security for India Territory

6. Perform Stakeholder Management of all key departments/entities

Key Responsibilities

- Analyze systems, protocols, interactions, and data to identify and response to active security threats in the environment.

- Collect, analyze, and report on malicious software and phishing messages targeting internal assets to understand the capabilities and indicators of compromise.

- Create and improve upon existing response, triage, containment, and recovery processes.

- Continually monitor for policy violations or incidents and actively participate in remediation

- Prepare documentation for technical controls and processes associated with information security solutions

- Work closely with other technology personnel to ensure the security of the environment and remediation of security events

- Perform IT Security Awareness and Trainings

- Be a Team Player and manage a team of IT Security professionals

Main Activities

- Perform regular IT Security reviews of all IT assets

- Work on IT Security analysis and exceptions on a case-by-case basis

- Assist end-to-end in Internal Audits, Regulatory Audits, External Audits

- Engage in Cyber Drills, Red Team exercises

- Support in the execution of Internal Risk Controls

- Perform Firewall Rule reviews

- Engage in Cybersecurity projects, Application Security Reviews, etc.

- Conduct IT Security reviews of Data Centers, Bank Branches, Workstations

- Perform Risk Assessments on new & exiting business solutions, infrastructure setup & applications

- Write Standard Operating Procedures in a structured format

- Follow-up on closure of findings/observations from Secure Code Reviews & Penetration Testing,

- Follow-up with IT Teams on Patching, Anti-Virus Updates, removal of non-standard assets, asset hardening, etc.

- User Access Management such as removal of Toxic Access Combinations, removal of elevated privileges,

Experience Required

- Extended knowledge of end-to-end IT Security concepts

- Good communication, technical writing/diagramming skills.

- Experience in the Finance & IT industry with a strong exposure to IT Operations, Application Security, SOC/SIEM, and/or network administration, IPS and Business Continuity

- Good understanding of financial trading and operating environment

- Must be able to handle customers in a confident, positive and responsive manner

- Network protocols and network connectivity concepts; Firewall and Internet technologies; Cloud Security, Banking Tools & Technologies;

- Secure access control mechanisms; Encryption and Key Management techniques

- To know how to define an action plan and to follow up on progress, be organized and meticulous

- Must be motivated, and able to work independently as well as part of a team

- Must demonstrate ethical responsibility, maturity, and discretion

- Microsoft Office tools such as MS Word, MS Excel, MS PowerPoint, SharePoint