Information Security Risk Management Lead

2 weeks ago

Chennai, India SMARTWORK IT SERVICES Full time

Information Security Risk Management (IRM) Lead

Location : Bangalore, Chennai, Hyderabad

Experience : 11-15 Years

Employment Type : Full-time

Job Overview :

We're seeking a highly experienced and strategic Information Security Risk Management (IRM) professional to develop, manage, and execute the IRM program across Mashreq Bank. This mid-senior level role is critical in enhancing the bank's resilience by effectively identifying, assessing, and mitigating information security risks, both internal and external. You'll bring sound expertise in information security, robust project management skills, and a proven ability to engage with senior and executive management.

Job Description :

- Develop, implement, and continuously mature the Information Security Risk Management program across the entire organization.

- Play a critical role in effectively identifying, assessing, and mitigating information security risks, stemming from both internal operations and external third parties.

- Manage enterprise-level projects with multiple stakeholders, providing advisory support and ensuring successful outcomes.

- Possess strong experience and knowledge across the broader Information Security and Cyber Security domains, including governance frameworks, policy and procedure development, compliance management, risk management, and security incident response.

- Conduct comprehensive risk assessments, including business impact analysis, threat modeling, and vulnerability assessments.

- Implement and manage Third-Party Risk Management (TPRM) programs, performing detailed supplier risk assessments.

- Maintain and enhance the bank's Information Security Management System (ISMS), ensuring alignment with industry best practices and regulatory requirements.

- Drive the prioritization of security risks and mitigation efforts, making sound, data-driven decisions.

- Collaborate effectively with various internal teams (e.g., IT operations, legal, compliance, business units) and external partners.

- Prepare and present detailed risk reports, findings, and recommendations to senior management and executive leadership.

- Stay updated on emerging information security threats, industry trends, and regulatory changes, integrating new insights into the IRM program.

- Contribute to the development and enforcement of information security policies and standards.

Required Skills & Experience :

- 11-15 years of total experience in the Information Security domain, with a strong focus on risk management.

- Minimum 4+ years of experience in project management of complex engagements, involving multiple stakeholder interactions and advisory support to clients.

- Expertise in TPRM (Third-Party Risk Management), supplier risk assessment, and overall risk management frameworks.

- Proven experience in managing and enhancing an ISMS (Information Security Management System).

- Sound knowledge and practical expertise in conducting various types of risk assessments.

- Strong understanding and practical experience across Information Security and Cyber Security domains, including governance, policy procedures, compliance management, risk management, and security incident response.

- Experience working in the banking domain or with banking/payment industry clients is essential.

- Strong interpersonal, analytical, and technical skills.

- Demonstrated strong decision-making and prioritization skills.

- At least one of the following industry certifications: CISM, CISA, CISSP, CRISC.


(ref:hirist.tech)

  • Head - Information Security

    2 hours ago

    Chennai, India Saaki, Argus & Averil Consulting Full time

    Will be responsible for developing and implementing the enterprise vision, strategy, and security program to ensure information assets and technologies are adequately protected. Maintaining a current understanding of the cybersecurity landscape to effectively protect the organization.  Key Responsibilities: Improve and implement a comprehensive...

  • Head - Information Security

    7 hours ago

    Chennai, India Saaki Argus & Averil Consulting Full time

    Will be responsible for developing and implementing the enterprise vision, strategy, and security program to ensure information assets and technologies are adequately protected. Maintaining a current understanding of the cybersecurity landscape to effectively protect the organization. Key Responsibilities: Improve and implement a comprehensive...

  • Information security analyst

    2 weeks ago

    Chennai, India Lexitas Full time

    About the company Lexitas is a high growth company. The Company is built on a belief that having strong personal relationships with our clients, and providing reliable, accurate and professional services, is the driving force of our success. Lexitas offers an array of services including local and national court reporting, medical record retrieval, process...

  • Information Security Analyst

    1 week ago

    Chennai, India Lexitas Full time

    About the companyLexitas is a high growth company. The Company is built on a belief that having strong personal relationships with our clients, and providing reliable, accurate and professional services, is the driving force of our success.Lexitas offers an array of services including local and national court reporting, medical record retrieval, process...

  • Information security manager

    4 weeks ago

    Chennai, Tamil Nadu, India SourceHOV Full time

    The ideal candidate will have a wealth of experience tackling various hardware and software problems. They should be comfortable providing technology solutions to employees and working closely with third party software companies to adopt new technologies and efficiently use existing ones. This candidate should have prior experience working with information...

  • Information Security Analyst

    2 weeks ago

    Chennai, India Lexitas Full time

    About the companyLexitas is a high growth company. The Company is built on a belief that having strong personal relationships with our clients, and providing reliable, accurate and professional services, is the driving force of our success.Lexitas offers an array of services including local and national court reporting, medical record retrieval, process...

  • Information security analyst

    2 weeks ago

    Chennai, India Lexitas Full time

    About the company Lexitas is a high growth company. The Company is built on a belief that having strong personal relationships with our clients, and providing reliable, accurate and professional services, is the driving force of our success. Lexitas offers an array of services including local and national court reporting, medical record retrieval,...

  • Information Security Analyst

    1 week ago

    Chennai, India Lexitas Full time

    About the companyLexitas is a high growth company. The Company is built on a belief that having strong personal relationships with our clients, and providing reliable, accurate and professional services, is the driving force of our success.Lexitas offers an array of services including local and national court reporting, medical record retrieval, process...

  • Information Security Manager

    4 weeks ago

    Chennai, Tamil Nadu, India SourceHOV Full time

    The ideal candidate will have a wealth of experience tackling various hardware and software problems. They should be comfortable providing technology solutions to employees and working closely with third party software companies to adopt new technologies and efficiently use existing ones. This candidate should have prior experience working with information...

  • Information Security Analyst

    4 weeks ago

    Chennai, Tamil Nadu, India Lexitas Full time

    About the company Lexitas is a high growth company. The Company is built on a belief that having strong personal relationships with our clients, and providing reliable, accurate and professional services, is the driving force of our success. Lexitas offers an array of services including local and national court reporting, medical record retrieval, process...