SENIOR MANAGER - INFORMATION SECURITY
Information Security & Business Continuity (IS&BC) Manager - Sr Manager
The Information Security & Business Continuity (IS&BC) Manager will work with the company's Information Security Team. This role is highly visible both internally and externally and has the ability to shape the information security and Business Continuity program. This position reports to the DVP - Information Security Officer.
Essential Functions:
Information Security:
- Ensure that information security requirements are integrated with the IT system planning and development/acquisition life cycle.
- Establish and review the security risk impact and the selection of appropriate controls for risk mitigation, leveraging technology and an understanding of the threat landscape in the organization.
- Document and track exceptions, if any, to security policies and procedures, along with the risk to the business.
- Periodically evaluate and review the effectiveness of information security controls.
- Prepare and document the security dashboard with information security control KPI/KRI for continual improvement of information security and business continuity.
- Apply project management skills to coordinate with various external agencies on the implementation of information security projects and activities.
- Identify and perform PoCs of information security solutions as per the business requirements.
- Evaluate the security of emerging technologies (Quantum, Crypto, Blockchain, IoT, etc.).
- Drive Third-Party Risk Management programs and assessments.
- Evaluate the vendor criticality criteria and align the vendor for various types of audits/assessments.
- Incorporate feedback on the third-party audit/assessment and communicate it to the various stakeholders and ISC.
Business Continuity:
- Coordinate the implementation of the 'Business Continuity Plan (BCP)'.
- Review the Risk Assessment and Business Impact Analysis methodology.
- Periodically conduct mock drills and tabletop exercises to evaluate the effectiveness of the business continuity plan.
Education and Experience:
1. Bachelor's or Graduate Degree with sufficient background in information security, data privacy and business management disciplines.
2. Minimum of 14 years' experience in an information or cyber security role including experience managing a successful team.
3. At least one of several relevant certifications, such as CISA, CISM, CDPSE and CRISC, is desired.
4. Experience with one or more frameworks and related compliance programs, such as ISO 27001, ISO 22301 and Data Privacy certification.
5. Proven track record and experience in development and execution of information security policies and procedures within the technology or financial services industries.
6. Experience with both technical information security management and security program management.