Information Security - GRC

9 hours ago


Powai Mumbai Maharashtra, India CRISIL Full time

**Role / Designation**: Manager - Information Security Governance, Risk & Compliance

**Job Level**: 12A/13A

**Job location**: Mumbai

**Employment type**: On-Roll

**Reporting Manager**: Chief Information Security Officer

**Accountabilities**:

1. Establish and maintain an information security program conforming to ISO/IEC 27001:2015 to uplift cyber resilience and incident response for CRISIL, in compliance with the Information Security and Cybersecurity Policy, Common Security Standards, Technical Security Standards, industry best practices and CISO Directives.

2. Assist the CISO in reporting to CRISIL Management and the IT Risk Committee the critical cyber security threats and vulnerabilities that CRISIL is exposed to, ensuring that emerging cyber threats and the bank’s preparedness in response to these threats are reported and discussed in the CRISIL IT Risk Committee.

3. Be the focal person for CRISIL during various audits, and be able to communicate CRISIL’s security posture and regulatory compliance status accurately and effectively. Be the point of contact for, and interact regularly with, regulatory agencies and the Computer Emergency Response Team (CERT-In).

4. Support and manage ISO 27001 and SOC 2 Type 2 external and internal audits.

5. Drive regulatory compliance for the Cyber Security Framework and all current and future advisory notes received from the regulator.

6. As the information security and cyber policy owner, be responsible for the development of (but not limited to) the CRISIL Information Security and Cyber Security Policy, Data Governance and Classification Policy, Access Control Policy, and Acceptable Use of Assets and Asset Management Policy.

7. Keep abreast of country-specific cyber threats by maintaining a close working relationship with regulatory agencies and CERT-In, and attend RBI’s cyber events and trainings.

8. Establish a Cyber Management Group with representation from CRISIL management and functional heads. Establish and maintain the Cyber Incident Response Plan (CIRT), which defines the roles and responsibilities of key functional stakeholders during a cyber incident.

9. Plan and execute periodic cyber breach simulation exercises, and make sure CRISIL Branch is well prepared for any cyber breach incidents with widespread impact.

10. Develop CRISIL cybersecurity KRIs and KPIs and present them to the CRISIL risk committee for independent challenge and management oversight.

11. Work with the CISO and CIO to develop a holistic risk management framework for CRISIL.

12.

14. Manage risks associated with third-party suppliers, and conduct third-party due diligence and ongoing risk management activities in accordance with the bank’s Third-Party Risk Management Framework.

15. Conduct Information Security awareness training periodically for general staff and functional leads across CRISIL.

16. Communication should be expert.

**Education / Experience / Other Information**:

- Bachelor's degree in Engineering, a graduate degree in Computer Science, or an equivalent degree
- 12-15 years’ experience in information security, cybersecurity and technology risk management in large multinational financial / technology institutions
- ISMS ISO 27001 LI/LA and other security-related certifications, viz. CISA / CISM (or equivalent), are an advantage.
- Hands-on experience in process definition, process drafting, documentation, and conducting and managing audits; knowledge of data privacy laws of various countries
- Excellent verbal and written communication skills.

**No. of Openings**: 01


  • GRC Consultant

    2 weeks ago


    Mumbai, India Shunyatattva Full time

    Hiring for GRC consultant IINeed Immediate Joiner II ONLY MUMBAI CANDIDATES II Please before applying go through JD II Salary II Location II.Hiring for Information Security Consultant II Experience in implementing and managing information security and other frameworks for at least 2-5 years II Need Immediate Joiner II.We are looking to hire an Information...


  • Mumbai, India Ubique Systems Full time

    Work location : Mumbai Positions : 2 Experience : 4 + years Job Description – Information Security GRC Specialist (4 year experience) Sector: NBFC · 4 years of experience in Information Security GRC within the NBFC sector. · Strong knowledge of RBI guidelines, ISO 27001, NIST, DPDP frameworks, and submission requirements. · Expertise in regulatory...


  • Mumbai, Maharashtra, India ECL Finance Full time ₹ 15,00,000 - ₹ 25,00,000 per year

    Position: Information Security GRC Engineer. Job Description: We are seeking a dedicated and talented Security GRC Engineer to join our Information Security Team. He / She will be responsible for ensuring that our organization adheres to relevant regulations, standards and internal policies related to information security and data privacy. The ideal candidate...


  • Navi Mumbai, Maharashtra, India Jio Full time ₹ 8,00,000 - ₹ 12,00,000 per year

    Job Description: Information Security GRC Manager. Work Location: Navi Mumbai. Key Focus Area: Information Security GRC. Key Responsibilities: Policy Development and Enforcement: Develop, implement and maintain Information Security policies, procedures, standards, frameworks, and associated plans based on industry best practices such as ISO...

  • Cyber Security GRC

    2 weeks ago


    Mumbai, Maharashtra, India Forvis Mazars Full time ₹ 15,00,000 - ₹ 25,00,000 per year

    Job Title: Manager/Senior Manager Information Security (GRC). Location: Mumbai. Experience: 8+ years. Role Overview: We are looking for an Information Security Manager with strong expertise in Governance, Risk, and Compliance (GRC). The role involves implementing security frameworks, managing audits, leading compliance initiatives, and driving cross-functional...


  • Mumbai, India Natobotics Full time

    Job Title: VP Information Security (Governance, Risk & Compliance). Location: Mumbai. Employment Type: Full-time. About the Role: We are seeking an accomplished Information Security leader to join our Global CISO team, with a primary focus on Governance, Risk, and Compliance (GRC). This role will play a critical part in enhancing and embedding our unified risk and...


  • Mumbai, India Avensys Consulting Full time

    Avensys is a reputed global IT professional services company headquartered in Singapore. Our service spectrum includes enterprise solution consulting, business intelligence, business process automation and managed services. Given our decade of success, we have evolved to become one of the top trusted providers in Singapore and service a client base across...


  • Mumbai, Maharashtra, India AMUS HIRING Full time ₹ 6,00,000 - ₹ 12,00,000 per year

    Company Description: AMUS HIRING provides remote hiring services to save time and money for businesses by offering a pool of skilled candidates. Specialized in Freight Forwarding, Logistics, Transport, and Supply Chain industries, AMUS HIRING offers full-time, dedicated professionals experienced in various fields. Located in Mumbai, AMUS HIRING ensures quick...

  • GRC Analyst

    2 weeks ago


    Mumbai, Maharashtra, India PINKVILLA Full time ₹ 8,00,000 - ₹ 24,00,000 per year

    Pinkvilla is seeking a dynamic Information Security professional, who will play a key role in driving compliance programs, managing audits, supporting data protection initiatives, and ensuring third-party security risks are effectively identified and mitigated. Key Responsibilities: Governance, Risk & Compliance (GRC): Develop, implement, and maintain information...


  • Mumbai, India Dashhire Full time

    Description: We are seeking a highly skilled Data Protection Officer (DPO) / GRC Officer responsible for ensuring compliance with global security and data protection regulations. The ideal candidate will oversee governance, risk, and compliance (GRC) programs, implement security frameworks, and safeguard sensitive data across the Build and manage Governance,...