Director – Cyber Security

Total Experience: 15-20 Years Industry Experience

Relevant Experience: 10 Years

Qualification: AnyGraduate.

Location: Pune, India

Technical Know-How:

Hands-on experience in conducting IT Internal or External Audits, including evidence review and preparation of detailed audit reports. Strong understanding of fundamentals and standard procedures across key IT functions, such as Server Management, Network Management, Antivirus, Patch Management, SOC, VAPT, Access Management, and ITIL processes.

Job description:

• Lead enterprise-wide information security strategy and compliance programs.
• Design Company's policy and procedure.
• Ensuring Design effectiveness and operational effectiveness of all IT and business Processes.
• Identify cost effective right security tool and smooth rollout to across organization.
• Negotiation with vendor for cost optimization.
• Develop, implement & monitor an information security program to ensure that the integrity, confidentiality and availability of information is owned, controlled and processed by the organization.
• Conducting Half yearly ISMS Internal Audit & Managing client external Audit, Annual certification audits (ISO 27001, ISO 20001, ISO9001, PCI DSS, SSAE 18 SOC1 & SOC2, GDPR, HiTrust).
• Annual Data Protection & Privacy Compliance review.
• Conduct a Risk Assessment on newly introduced project.
• Ensuring compliance of Onboarding Offboarding, Physical Security, Desktop Management, Server Management (On Premises/ Cloud), Network Management, Application security, Website security, VA PT, hardening, SOC, Access management, BCP, Incident, Change, Problem and capacity management processes.
• Ensure frequency-based controls are executed on time (e.g. Log Review, User Access Review, Firewall Rule Review, VAPT, infosec training, Background verification etc.)
• Monthly Security Deck and presentation to senior Management
• Ensuring Inventory completeness on Laptop, Server, Network devices, Antivirus Report, Patch Report, Encryption report, Vulnerability Assessment, Hardening, Penetration Testing and Health Monitoring tool.
• Managing Risk Register, Security Incident & Issue tracker.
• Responding Client's Vendor Risk Assessment Questionnaire.
• Reviewing IT security related solutions, Mapping current IT controls with upcoming client requirements.
• Vendor Security review.
• Ensure Annual BCP/ DR Drill, Ransomware Simulation and Phishing simulation
• Identify and implement opportunities for automation to improve governance/audit controls.
• Information Security Awareness sessions.

Personal Skills:

• Currently working in a manager-level role within Information Security Governance and Compliance, with a strong focus on IT Security.
• Proficient in Advanced Excel and PowerPoint; knowledge of Power BI and Excel VB Macros will be an added advantage.
• Strong communication skills with the ability to present findings and recommendations effectively.
• Excellent analytical thinking and decision-making abilities.
• Ability to manage and oversee compliance initiatives, audits, and IT security governance frameworks.
• Strong attention to detail with a proactive and solution-oriented mindset.

About RIA Advisory:

RIA Advisory LLC (RIA) is a business advisory and technology company that specializes in the field of Revenue Management and Billing for Banking, Payments, Capital Markets, Exchanges, Utilities, Healthcare and Insurance industry verticals. With a highly experienced team in the field of Pricing, Billing & Revenue Management, RIA prioritizes understanding client needs and industry best practices to approach any problem with insight and careful strategic planning. Each one of RIA Advisory's Managing Partners have over 20 years of industry expertise and experience, our leadership and consulting team demonstrate our continued efficiency to serve our clients as a strategic partner especially for transforming

ORMB and CC&B space. Our operation are spread across US, UK, India, Philippines, Australia

• Services Offered:
• Business Process Advisory for Revenue management processes
• Technology Consulting & Implementation
• Help clients transition to latest technology suite and overcome business problems.
• Managed Services
• Quality Assurance
• Cloud Services