
Position Title AVP – Information Security Governance
1 day ago
Position Title
AVP – Information Security Governance & Compliance
Role
Managing Information Security Governance, Risk & Compliance, and Awareness Activities.
Reporting To
VP – Information Security Governance & Compliance
Key Responsibilities
To manage
Compliance with "Guidelines on Information and Cyber Security for Insurers" issued by the Insurance regulator, IRDAI
- Compliance with other guidelines related to Information Security/Data Security/Cyber Security/Information Security Management System (ISMS), issued by the Insurance regulator and/or any other regulator
- Compliance with information security requirements of government of India like CERT-In, MeitY etc.
- Compliance information security policies, standards, procedures and guidelines
- Compliance with Bank Group information security requirements, as advised by Group CISO
- Development, review and updating Policy, Standards & Procedures, SOPs and all other documents related to Information & Cyber Security
- Sustenance of ISO 27001:2022 certification and practices for all types of controls
- Implementation & maintenance of IT / Cyber GRC solution to streamline and automate Cyber security processes.
- Security risk assessments for general controls like process reviews, assessment at outsourced vendor locations, branch locations etc.
- Security risk assessments for new technologies & processes or any change in to existing technology & processes.
- Drive Cyber Security Maturity Assessment program, coordination with stakeholders to review the existing processes and implementation of recommended measures to improve the maturity score.
- Development & management of Information Security awareness training program and promote security culture across the organization at all the levels including special programs for IT department and Information Security department employees
- Evaluation of new security products and monitor implementation of security software/products
Assist / Support for Vendor/Third Party risk management for information & cyber security
To work closely with various teams and functions to ensure effective implementation of Information & Cyber Security controls.
- To plan & prepare for governance committee meetings, minutes, actionable in a timely manner including Group meetings & Internal meetings
- To oversee governance of SOC activities, ensure review of SOC effectiveness program and implementation of recommended measures.
- To prepare and present compliance/assessment / review reports / Cyber KRI to management
- To track closure / mitigation of reported vulnerabilities and
prepare Dashboards and Action Taken Reports of various security assessments/reviews for different IT & Business teams
- To ensure that when exceptions/deviations / non-adherence to the Information Security Policies are proposed by the IT Owner/Business Owner, the risk assessment process is completed and appropriate recommendations are put up to senior management.
- To stay informed about global best practices and latest developments in the field of information security including technology and management practices.
Critical competencies
- Knowledge in the areas of Information Security/ IT Governance, Risk, Compliance
- Coordination, Follow-up, Persuasive
Person Profile
Engineering Graduate/Management Graduate with ISO 27001 LA and having minimum 12 years of total experience, out of which minimum 7 years in the areas of Information Security/IT Security/ IT Governance, Risk & Compliance.
Preference will be given to candidates having professional certifications of CISA/CISSP/CISM/CRISC and having knowledge as well as job experience on Cyber GRC implementation /management.
Key Interactions
- Chief Actuary & CRO, Head - Risk Management & Fraud Monitoring
,
CIO, CISO - Head/Team Leader of different teams of IT, Risk Mgmt. Learning & Development and Other Business Departments
- Manager of different teams of IT and Business Department
- Information Security Consultants/Service Providers
Measures of success
- Information Security Governance & Compliance responsibilities are effectively communicated to all role holders
- Risk mitigation measures are appropriate and in line with global best practices.
- Successful Implementation and management of Information Security Programs including ISO 27001 Standard & Third-Party Cybersecurity Risk Programs in mitigating the overall information security risks.
- Information and Cyber Security awareness programs are appropriate and implemented properly
Location
CPC Seawoods / Belapur
Interested candidates can share their updated resume on
-
NFRM Information Security
3 weeks ago
Mumbai, Maharashtra, India Deutsche Bank Full timeJob DescriptionNFRM Information Security & Technology Risk Specialist, AVPPosition OverviewJob Title:NFRM Information Security & Technology Risk SpecialistLocation: Mumbai, IndiaCorporate Title: AVPRole Description- An Information Technology & Security Risk Specialist to join the 2nd LoD Information Security & Technology Risk Team. The team is global, this...
-
IT Governance and Security- 7 yrs
20 hours ago
Navi Mumbai, Maharashtra, India Mizuho Global Services Full time ₹ 5,00,000 - ₹ 8,00,000 per yearCompany website: - Position: IT Governance and SecurityJob Summary: -The ideal candidate will possess a strong understanding of IT governance, risk management, cybersecurity, and regulatory compliance, with experience in the banking or financial services industry.Key Responsibilities:IT Governance:Develop, implement, and maintain IT governance frameworks to...
-
Control and Governance Analyst, AVP
6 days ago
Mumbai, Maharashtra, India Deutsche Bank Full time ₹ 6,00,000 - ₹ 18,00,000 per yearControl and Governance Analyst, AVPJob ID: R0406543Full/Part-Time: Full-timeRegular/Temporary: RegularListed: Location: MumbaiPosition OverviewIn Scope of Position based Promotions (INTERNAL only)Job Title: Control and Governance AnalystCorporate Title: Assistant Vice PresidentLocation: Mumbai, IndiaRole DescriptionInfrastructure Finance is currently hiring...
-
Mumbai, Maharashtra, India Raise Full timeRole Summary : Raise is built on this core philosophy - we will bring exceptionally great products, awesome user experience and best in class customer service to our users. We have started with our first step by launching an Investment & Trading platform Dhan in November 2021.As an IT Governance & Compliance Manager, you will be responsible for driving the...
-
Information Security Engineer
1 day ago
Navi Mumbai, Maharashtra, India WTW Global Delivery And Solutions Full time US$ 90,000 - US$ 1,20,000 per yearJob SummeryAs the Information Security Associate within the Business Security Operations (BusSecOps) team, you will be responsible for implementing and maintaining information & cyber security practices across WTW.Candidate would be required to gain a high-level of knowledge and understanding of critical technology applications and security standards. You...
-
Sr Information Security
2 weeks ago
Navi Mumbai, Maharashtra, India Kiya Full time ₹ 20,00,000 - ₹ 25,00,000 per yearDear Candidates,GreetingsEnclosed below the Job description-Key Responsibilities:Security Operations & Incident ManagementMonitor and manage daily security operations, including threat detection, incident response, and log analysis through SOC tools.Coordinate incident handling activities and conduct root cause analysis and reporting.Maintain and update the...
-
Information Security Consultant
3 weeks ago
Mumbai, Maharashtra, India Bank of America Full timeAbout Us At Bank of America we are guided by a common purpose to help make financial lives better through the power of every connection Responsible Growth is how we run our company and how we deliver for our clients teammates communities and shareholders every day One of the keys to driving Responsible Growth is being a great place to work for our...
-
Assistant Vice President
3 weeks ago
Navi Mumbai, Maharashtra, India Evoke HR Solutions Full timePosition Title : AVP - Information Security Governance & ComplianceRole : Managing Information Security Governance, Risk & Compliance, and Awareness Activities.Reporting To : VP Information Security Governance & ComplianceKey Responsibilities : To manage : - Compliance with Guidelines on Information and Cyber Security for Insurers issued by the Insurance...
-
Information Security Analyst
3 days ago
Navi Mumbai, Maharashtra, India Inspiroz IT services Pvt Ltd Full time ₹ 4,00,000 - ₹ 12,00,000 per yearUrgent Opening for Cyber security | Freshers | Navi MumbaiPosting Title: Information Security Analyst (SOC)Company Name: Inspiroz IT Services Pvt ltdJob Location: Ghansoli, MahapeWork Mode: Work from officeJob DescriptionThe primary function of the SOC Associate is to analyse any incidents flagged by the Security Tools and undertake a detailed investigation...
-
Information Security Consultant
3 weeks ago
Mumbai, Maharashtra, India Bank of America Full timeJob DescriptionJob Description:About UsAt Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. Responsible Growth is how we run our company and how we deliver for our clients, teammates, communities and shareholders every day. One of the keys to driving Responsible Growth is being a...