Senior Manager Information Security

Position Summary:- The Incumbent would be responsible to manage the information security governance, risk, and compliance process.- Standardize GRC policies, evaluate their impacts, and implement the relevant measure.- Liaise with Internal Audit, Corporate Compliance, Office of General Counsel and Risk Management to remediate new and outstanding issues; track security-related issues in the electronic GRC system.- This is a global role engaging stakeholders (at all levels) across geographies like India, Philippines and US.- Certifications such as CISA, CISSP, CISM, CEH, ISO27001 LA are required (The Incumbent needs to possess at least two certifications).- Incumbent should be a good effective communicator.- Information security team is a healthy mix of exuberance, expertise and experience.Job Functions and Responsibilities:- Develop and maintain a robust threat intelligence gathering and monitoring plan.- Review external threat Advisories and determine relevance to the organization and design an appropriate response strategy- Conduct assessment/review of IT processes and recommend action for improving IT governance maturity using reference frameworks like ISO 27001/ ITIL/others.- Provide reports to senior management for review of information security risks, governance, and compliance.- Keep abreast with latest security and privacy regulations, advisories and alerts.- Ensure compliance with organizational information security policies and procedures- Is responsible to manage security incidents and policy exceptions.- Regular checks of strength and efficiency of security system and provides security expertise for the business unit and function managers- Conduct IT security awareness through regular publishing of monthly security updates/bulletins and trainings (e.g., brown bags) to improve IT security knowledge of users and IT staff.- Provide advice and consultancy on security risks and controls.- Is responsible for keeping an up-to-date map of security risks, latest security and privacy regulations, advisories.- To participate to internal and external audits, and in liaison with regulatory and market bodies- Analysis on qualitative and quantitative Risk Approach i.e. Risk Assessment of all assets across group along with Risk Treatment Plan.- To analyze and assess security risks and their impacts, and implement the relevant measures.- Coordinates compliance and auditing activities and facilitates migration of non-compliant environments to compliant environments.- Is responsible to monitor and manage security-related nonconformitiesKey Result Areas:- High Quality Content creation for Information Security Presentations for councils such as MBR, TechOps and ITRC- Identification and Management of Information Security Risks- Manage Infosec risks in third party engagements and drive improvements across categories of vendors- Qualitative review and upkeep of InfoSec Policies and Procedures- Enhance Employee awareness to make it more engaging and effective.- Proactive identification of resolution of risks to maintain high InfoSec Posture ratings.- Track effective set of infosec metrics and drive improvement in security posture.- Participate in and Respond to InfoSec Audits, Questionnaires and Examinations- Enhance Incident Management preparedness and drive InfoSec incident management.Qualifications:- BE / BTech / ME / MTech / MBA with specialized Infosec certifications such as CISSP, CISA, ISO 27001 LI/LA, CISM- Bachelor of Engineering or equivalent- 15 + yrs of experience in the field of Information Technology & Security audits- At least nine (11) years of Information Systems & Security audit experience- Extended Knowledge of IT Security.- Experience in implementing IT controls within the IT governance framework and designing the overall governance framework.- Good Understanding of Risk and Compliance concepts and Tools- Good communication and documentation skills.WORK SCHEDULE OR TRAVEL REQUIREMENTS- 3 PM IST to 12 PM PST- Travel - Minimal.- To attend office in-person at the base location as and when required.COMPANY SUMMARYOcwen Financial Solutions Private Limited is a wholly owned subsidiary of Onity Group Inc., a leading non-