Pb Information Security Officer, As

**PB Information security officer, AS**:
**Job ID**:R0362696

**Full/Part-Time**:Full-time

**Regular/Temporary**:Regular

**Listed**:2025-01-16

**Location**:Mumbai

**Position Overview**:
**Job Title - PB Information security officer, AS**

**Location - Mumbai, India**

**Role Description**

Divisional Risk and Control is responsible for non-financial risk and control management for the relevant operating Division or Infrastructure function or Dedicated Central Control Unit for the bank. Work includes:

- Defining the risk management framework
- Developing process and procedures to report on, manage, and mitigate risks to acceptable levels
- Maintaining operational control and discipline across the organizational unit Ensuring that business is conducted in accordance with applicable laws, regulations and in adherence to the bank's internal policies
- Providing thought-leadership around business specific risk taxonomies, assessment methodologies, process and control implementation
- Developing, tailoring and testing the control infrastructure for the business Communicating regulatory development and implications to the business Executing certain risk-related processes and draft first like risk procedures (e.g. product reviews, issue capture, regulatory change management, vendor management etc.)
- Managing Risk and Compliance data and information for both first and second lines
- Coordinating execution of risk and control self-assessment (RCSA) process Driving messaging and information from second line to first line (e.g., policies, procedures, training)
- Providing a consolidated view of non-financial risks
- Developing a positive risk culture, whilst assuring strategy alignment among various organizational levels

**What we’ll offer you**

As part of our flexible scheme, here are just some of the benefits that you’ll enjoy
- Best in class leave policy
- Gender neutral parental leaves
- 100% reimbursement under childcare assistance benefit (gender neutral)
- Sponsorship for Industry relevant certifications and education
- Employee Assistance Program for you and your family members
- Comprehensive Hospitalization Insurance for you and your dependents
- Accident and Term life Insurance
- Complementary Health screening for 35 yrs. and above

**Your key responsibilities**
- Responsible to ensure compliance with the Information Security Policy and the subordinate documents within area of responsibility
- Ensure any changes to the roles are supported by documented valid justification/s along with an Impact and Risk assessment as part of business decisions
- Execute IS Risk assessment and compliance evaluations for assigned IT assets with support from BSO community
- Review and address quality issues within ISO scope of responsibilities
- Ensure execution of Information Security risk management in line with DB Information Security Policy/Guidelines including 1) InfoSec controls 2) Mitigating Control weakness 3) End user access review and recertification 4) provide InfoSec advisory on vendor relationships 5) Support BCM and DR exercise from ISO perspective 6) Providing guidance on control implementation
- Support Chief ISO delegate on relevant actions and initiatives.
- Create Segregation of Duties (SoD) rules for IT, assess SoD Rule violations and make exception decisions
- Participate in Information Security initiatives and programmes, as relevant;
- Review and assess severity of information security breaches and recommend appropriate follow-up actions, where necessary
- Advise local business and other partners on CSO solutions and facilitate service adoption in cooperation with Central CSO teams
- Support in the review and assessment of data leakage incidents relevant to PB Booking Centre

**Your skills and experience**

**Education & Experience**:

- Proven experience of working within Information Security / Information Technology environment ideally in Banking Environment
- Experience working on small to medium scale projects at least within a global environment
- Professional certification including ISO27001 - Lead Auditor/ Lead Implementer, CISM, CRISC
- University degree

**Competencies**:

- Outstanding problem solving, analytical and project management skills
- Proficiency with Microsoft Office programs; e.g. Excel, Word and PowerPoint
- Ability to work in pressurised situations
- Strong work ethic, commitment to excel and proven capacity to work effectively with minimum supervision
- Strong communication (written and verbal) and relationship skills with excellent command of the English language
- Very good influencing and management skills to liaise effectively with Business and control functions

**Personal Characteristics**:

- Proactive attitude and self-initiative
- Ability to think laterally.
- Strong Team Player skills as well as working independently
- Eagerness to learn and adapt to new situations and processes
- Delivery-focused, able to manage multiple deliverables to deadlines
- Flexibility w