Associate Vice President / Vice President – Information Security

Job Requirements & Required Qualifications & Experience

1. Conduct risk assessment of banking solutions/applications, processes, operations, technologies and vendor assessments.
2. Evaluate the adequacy and effectiveness of policies, procedures, processes, and internal controls.
3. Evaluate if policies, procedures and processes are in line with the regulatory requirements and standards like ISO 27001, PCI DSS, NIST etc.
4. Assess the technical security controls and identify the associated Information Security risks & recommended measures.
5. Responsible for security compliance to the regulatory requirements and industry standards.
6. Assess the exception requests in the security configurations for various platforms and application vulnerabilities and respond with the.
7. Assess the adequacy of Cloud Security controls for cloud based solutions.
8. Monitor and evaluate the regulatory compliance requirements for cyber security and act as SPOC for all the applicable information security regulatory requirements.
9. Coordinate with various internal stakeholders to ensure the regulatory directives and understand actions taken to achieve compliance.
10. Monitor, track and coordinate with various stakeholders on open actionables (issues, non-compliances etc.).
11. Responsible for disseminating security policies and providing security awareness to all users via workshops, flyers, e-learning portal etc.
12. Take on additional special projects and responsibilities as needed.

Qualification and Experience

* Minimum Bachelor's degree in engineering (preferably Information Security, IT or Computer Science technology) / MCA.
* Certifications like ISO 27001 LA / Implementer, CISA, CISM, CISSP, PCI DSS, CSCP are preferred.
* 10-12 years of relevant working experience.
* Worked in a senior Information Security Governance role at a strategic level for a financial institution/bank. Knowledge of architecting and delivering security solutions within a financial institution/bank is preferred.
* Sound knowledge of cyber security frameworks and regulatory guidelines, preferably in a banking environment. Knowledge of the IT Act and law would be an added advantage.
* Should have in-depth knowledge and rich experience of information security assessments, vendor technology risk reviews, cloud hosting technologies, and an understanding of associated security management controls and compliance essentials.
* Experience in working with various technologies.
* Experience working in highly regulated environments.
* Strong technical, analytical, and interpersonal skills.
* Superior attention to detail with excellent written and verbal communication skills.
* Shall have the capability and passion to do research and look for innovation opportunities.
