Security Incident Management Lead

Assistant Vice President - Security Incident Management Lead

About Us

SBI Card is a leading pure-play credit card issuer in India, offering a wide range of credit cards to cater to diverse customer needs. We are constantly innovating to meet the evolving financial needs of our customers, empowering them with digital currency for seamless payment experience and indulge in rewarding benefits. At SBI Card, the motto 'Make Life Simple' inspires every initiative, ensuring that customer convenience is at the forefront of all that we do. We are committed to building an environment where people can thrive and create a better future for everyone.

SBI Card is proud to be an equal opportunity & inclusive employer and welcome employees without any discrimination on the grounds of race, colour, gender, religion, creed, disability, sexual orientation, gender identity, marital status, caste etc. SBI Card is committed to fostering an inclusive and diverse workplace where all employees are treated equally with dignity and respect which makes it a promising place to work.

Join us to shape the future of digital payment in India and unlock your full potential.

What's in it for YOU

1. SBI Card truly lives by the work-life balance philosophy. We offer a robust wellness and wellbeing program to support mental and physical health of our employees
2. Admirable work deserves to be rewarded. We have a well curated bouquet of rewards and recognition program for the employees
3. Dynamic, Inclusive and Diverse team culture
4. Gender Neutral Policy
5. Inclusive Health Benefits for all - Medical Insurance, Personal Accidental, Group Term Life Insurance and Annual Health Checkup, Dental and OPD benefits
6. Commitment to the overall development of an employee through comprehensive learning & development framework

Role Purpose

Responsible for developing and running end-to-end program for managing the security incident life-cycle of all kind of Information Security Incidents including Information Governance & Security , getting routine investigation, forensics & eDiscovery etc. done in association of in-house team and service partners.

Role Accountability

1. Oversee the monitoring, identification and resolution of security incidents to detect threats through analysis, investigations and prioritization of incidents based on risk exposure
2. Develop and manage Incident Management program including monitoring, review, triage, assessing impact, diagnostic and data collection, troubleshooting and remediation, interacting with requestors etc.
3. Develop and maintain an incident response management program that includes incident detection, analysis, containment, eradication, recovery and chain of evidence/ forensic artifacts required for additional investigations
4. Lead the implementation and sustenance of security incident response plan and associated playbooks for all security related incidents
5. Oversee SBIC incident response tools and processes, covering proactive planning and prevention, as well as reactive detection and remediation
6. Manage Information Security Incidents including assessment, quantification, investigation and mitigation including liaison with IT teams and other business function
7. Record and classify received Incidents and undertake an immediate effort in order to restore a service/reach resolution stage as quickly as possible
8. Report incidents to the regulator (RBI) as per the mandate
9. Develop and manage metrics and reporting on the effectiveness of the security incident response program which includes reports to leadership
10. Identify trends in security incident response and regulatory requirements for the necessary changes in the program
11. Work with multiple internal and external stakeholders to drive triage, analysis, containment, and eradication of the incidents and provide leadership in high risk incidents
12. Participate in various internal and external audits in context of security incident response program
13. Drive continuous improvements in people, process, and technology as it relates to the efficiency and effectiveness of the security incident response program
14. Define Policy and process for Security Incident Management including defining roles and responsibilities
15. Define Cyber Crisis management plan and conduct Cyber Crisis management drills at regular intervals involving IT and business stakeholders
16. Monitor, respond, and report compliance to SLA's and managing security incidents related to IT systems covered under security programs like SIEM, DLP, Anti-Phishing Brand and Dark-Web Monitoring.
17. Assess Security Incidents and lay down strategies to reduce the likelihood of future occurrences
18. Ensure process documentation and compliance adherence

Measures of Success

1. Incident Management Program as per approved policy and regulatory requirements
2. Timely and accurate reporting of Incidents to regulator (RBI)
3. Logging, responding and closure of Incidents as per agreed SLA
4. No adverse observation in Internal/external audits
5. No of improvement opportunities identified in Security Incident Management processes/procedures
6. Increase in maturity of Security Incident Management operating model
7. Effective root cause analysis and remediation for identified security incidents
8. Timely and accurate publication of MIS / Business dashboards
9. Publication of Incident report as per the prescribed format within the agreed timeframe
10. Process Adherence as per MOU

Technical Skills / Experience / Certifications

1. In-depth knowledge of security concepts such as cyber attacks, threat vectors, best practices, risk and incident management etc.
2. Information security experience, with a very strong technical background and significant security Incident response experience
3. Understanding of Security Terminology i.e. Network Security, Vulnerability, Anti-Virus, Virus/Trojans/Spam/Attack Pattern
4. Understanding of configuration and security controls of various information technology and security infrastructure components deployed on prem and cloud
5. Experience in handling various types of incidents like phishing, denial of service, malware, and unauthorized access etc.
6. Understanding of Security Information and Event Management (SIEM), Data Loss Prevention (DLP) and security incident response workflow management technologies.
7. Understanding of related BFSI regulations and its relevance to security incident management
8. Experience with and confidence to develop and socialize security operations playbooks across infrastructure and applications teams in IT
9. Strong understanding of security incident management lifecycle including CERT/SIRT and/or MITRE attack framework
10. At least one Industry-standard certifications such as CEH, CHFI, GIAC etc.

Competencies critical to the role

1. Stakeholder Management
2. Analytical ability
3. Process Orientation
4. Teamwork and Collaboration
5. Problem Solving

Qualification

Bachelor degree / B.tech in Computer Science / IT or any other relevant discipline

Preferred Industry

BFSI / NBFC /E-commerce/IT & ITES / Telecom