Position Title AVP – Information Security Governance

2 weeks ago


Navi Mumbai, India Evoke HR Solutions Pvt. Ltd. Full time

Position Title

AVP – Information Security Governance & Compliance

Role

Managing Information Security Governance, Risk & Compliance, and Awareness Activities.

Reporting To

VP – Information Security Governance & Compliance

Key Responsibilities

  1. To manage:
     • Compliance with "Guidelines on Information and Cyber Security for Insurers" issued by the Insurance regulator, IRDAI
     • Compliance with other guidelines related to Information Security / Data Security / Cyber Security / Information Security Management System (ISMS), issued by the Insurance regulator and/or any other regulator
     • Compliance with information security requirements of the Government of India, such as CERT-In, MeitY, etc.
     • Compliance with information security policies, standards, procedures and guidelines
     • Compliance with Bank Group information security requirements, as advised by Group CISO
     • Development, review and updating of Policy, Standards & Procedures, SOPs and all other documents related to Information & Cyber Security
     • Sustenance of ISO 27001:2022 certification and practices for all types of controls
     • Implementation & maintenance of IT / Cyber GRC solution to streamline and automate cyber security processes
     • Security risk assessments for general controls like process reviews, assessment at outsourced vendor locations, branch locations, etc.
     • Security risk assessments for new technologies & processes or any change to existing technology & processes
     • Drive Cyber Security Maturity Assessment program, coordination with stakeholders to review the existing processes and implementation of recommended measures to improve the maturity score
     • Development & management of Information Security awareness training program and promotion of security culture across the organization at all levels, including special programs for IT department and Information Security department employees
     • Evaluation of new security products and monitoring of implementation of security software/products
     • Assist / support Vendor / Third Party risk management for information & cyber security
  2. To work closely with various teams and functions to ensure effective implementation of Information & Cyber Security controls.
  3. To plan & prepare for governance committee meetings, minutes and actionables in a timely manner, including Group meetings & internal meetings
  4. To oversee governance of SOC activities, ensure review of SOC effectiveness program and implementation of recommended measures.
  5. To prepare and present compliance / assessment / review reports / Cyber KRI to management
  6. To track closure / mitigation of reported vulnerabilities and prepare Dashboards and Action Taken Reports of various security assessments/reviews for different IT & Business teams
  7. To ensure that when exceptions / deviations / non-adherence to the Information Security Policies are proposed by the IT Owner/Business Owner, the risk assessment process is completed and appropriate recommendations are put up to senior management.
  8. To stay informed about global best practices and latest developments in the field of information security, including technology and management practices.

Critical competencies

  • Knowledge in the areas of Information Security/ IT Governance, Risk, Compliance
  • Coordination, Follow-up, Persuasive

Person Profile

Engineering Graduate/Management Graduate with ISO 27001 LA and a minimum of 12 years of total experience, of which a minimum of 7 years in the areas of Information Security / IT Security / IT Governance, Risk & Compliance.

Preference will be given to candidates with professional certifications of CISA/CISSP/CISM/CRISC and with knowledge of, as well as job experience in, Cyber GRC implementation/management.

Key Interactions

  1. Chief Actuary & CRO, Head - Risk Management & Fraud Monitoring, CIO, CISO
  2. Head/Team Leader of different teams of IT, Risk Mgmt., Learning & Development and Other Business Departments
  3. Manager of different teams of IT and Business Department
  4. Information Security Consultants/Service Providers

Measures of success

  1. Information Security Governance & Compliance responsibilities are effectively communicated to all role holders
  2. Risk mitigation measures are appropriate and in line with global best practices.
  3. Successful Implementation and management of Information Security Programs including ISO 27001 Standard & Third-Party Cybersecurity Risk Programs in mitigating the overall information security risks.
  4. Information and Cyber Security awareness programs are appropriate and implemented properly

Location

CPC Seawoods / Belapur

Interested candidates can share their updated resume on


