Position: Information Security Officer - Cards Security, Digital Channel Security & Regulatory Compliance.
Designation: Manager / Senior Manager
Location: Mumbai / Noida (Hybrid Mode)
Role & responsibilities:
Manage digital / card security and regulatory controls in the Bank's Information Security Department, based on the following standards: ISO 27001, PCI DSS and NIST Cyber Security Framework.
- Understanding of industry development on payments and data security standards and enable business to provide secured systems.
- Drive end to end risk assessments for various regulatory / non regulatory requirements related to Cards & Digital Banking domain.
- Review any new or modified digital / card related product with respect to Information Security controls, so that controls are embedded at the design stage.
- Review / draft relevant policies and procedures as per best practices.
- Articulate and create management reports and presentations for management reporting and regulatory submissions.
- Work closely with cross-functional teams and develop strong liaison relationships to drive information security.
- Support and consult Business Units and other departments (Operations Risk / Technical Risk) with regard to Information Security issues.
- Experience in conducting Third Party Vendor Risk Assessments from Information Security Perspective.
- Performing Risk & Control Self Assessments (RCSA) for various functions/operations/applications being used by the Bank.
- Attend Audits (Internal, External, Regulatory Audits); prepare and maintain records / evidence.
- Strong knowledge of ISO 27001, NIST CSF, ISO 22301 standards.
Key Skills:
- Understanding of IT security industry standards (i.e. ISO 27001, PCIDSS, NIST cybersecurity framework)
- Leadership and management skills
- Sound communication skills
- Strong analytical and presentation skills
- Capable of self-organizing and prioritizing the work in an effective manner
- Proactive and self-motivated to work in a complex organization.
- General Knowledge of legal framework for Information Security and Data Protection
Experience & Qualifications:
- 3-5 years in Information Security / cyber security domain
- Good understanding of, and experience with, Information Risk Management, IT Security and Compliance.
- Graduate/Post-graduate in IT or Computer Science having sound knowledge in data security related standards.
Certifications:
- CISA/CISM/CISSP certification/s (preference)