Job Details

Job Summary


Experience:

6.00 - 11.00  Years 

Industrial Type:

IT-Software/Software Services

Location:

Mumbai

Functional Area:

IT Software - Network Administration / Security

Designation:

Senior Manager - Information Security (GRC)

Key Skills:

PCI DSS, ISO 27001, CERT-In, DPDP,IAM,DLP,SIEM,

Educational Level:

Graduate/Bachelors

Job Post Date:

Stream of Study:

Degree:

BCA, BCS, BE-Comp/IT, BE-Other, BSc-Comp/IT, BTech-Comp/IT, BTech-Other

Company Description


Our Client was founded by 3 IIMers in the year 2000. Client is an electronic presentment technology and payment services company. The Company is focused on leveraging technology to enable banks,businesses and other institutions to present invoices, statements and bills to
consumers or businesses and receive payments against them.

Their Product powers electronic payments and collections services for the largest banks and companies in India and also manages the bill payment service of Visa in India. It operates as a neutral service bureau aggregating multiple banks, billing companies and other corporations onto a common standards-based platform for delivering electronic payments and collection services across multiple electronic channels.

Their Product manages these services across a range of access channels viz. Internet Banking, ATM Banking, Tele Banking, Mobile Banking etc. The Payment Gateway services of our Client enable customers to pay online using either their electronic banking accounts or credit cards.

Job Description


Work Location: Andheri (W) – Veera Desai Road (Supreme Chambers) Nearest Metro Railway Station: Azad Nagar.

Job Title: Senior Manager, Information Security – GRC

Position: Senior Manager, Information Security
Role: Information Security Officer

Responsibilities
Maintain, implement and periodically review the organization`s Information Security policies, standards, procedures and guidelines to ensure alignment with applicable regulatory requirements, PCI DSS, ISO 27001, CERT-In, DPDP and industry best practices.
Assist the CISO in developing and enhancing the organization`s Information Security governance framework, policies, standards and security processes based on evolving regulatory requirements, emerging cyber threats and business needs.
Work closely with Product, Engineering, Application Development, Infrastructure, Cloud and Operations teams to ensure security controls are embedded into technology platforms, applications and operational processes.
Review the security architecture of new products, applications, infrastructure and technology initiatives and recommend appropriate security controls based on security-by-design principles.
Conduct periodic management reviews of critical security controls including Firewall Rules, Web Application Firewall (WAF), Identity & Access Management (IAM), User Access Management, Privileged Access Management (PAM), Network Security, Endpoint Security and other information security controls, and ensure timely remediation of identified gaps.
Conduct technical security assessments of applications, infrastructure and enterprise security controls, identify areas of improvement and drive implementation of corrective actions.
Develop, implement and periodically review Information Security aspects of Business Continuity and Cyber Resilience plans to ensure resilience of critical business services.
Lead and coordinate enterprise Information Security initiatives and projects including Data Loss Prevention (DLP), Security Information and Event Management (SIEM), Vulnerability Assessment & Penetration Testing (VAPT), Identity & Access Management (IAM), DPDP compliance, Security Automation, Cybersecurity AI and other strategic security programs.
Engage and coordinate with external consultants, technology partners and service providers for implementation of information security solutions and ensure successful delivery of security projects.
Review security exceptions, risk acceptance requests and compensating controls, ensuring appropriate approvals, documentation and mitigation measures are in place.
Support internal and external audits by implementing remediation actions, coordinating closure of observations and strengthening security controls across the organization.
Develop security dashboards, governance reports, Key Risk Indicators (KRIs), Key Performance Indicators (KPIs) and management reports for the CISO and senior leadership.
Promote security awareness, secure development practices and a strong security culture across the organization.

Experience
6 to 10 years of hands-on experience in Information Security Governance, Information Security Management, Security Architecture or Cyber Security within Banks, Financial Institutions, Payment Aggregators, FinTech organizations or Information Security Consulting firms.
Experience implementing Information Security programs aligned with RBI regulations, PCI DSS, ISO 27001, CERT-In directions and DPDP requirements.
Experience working with Product Engineering, Infrastructure and Cloud teams to implement security controls across enterprise environments.
Experience implementing enterprise security technologies such as DLP, SIEM, IAM/PAM, Vulnerability Management, Security Monitoring, Endpoint Security, Network Security and Cloud Security solutions.
Experience managing cross-functional security initiatives and coordinating implementation across multiple technology teams.

Skills
Information Security Governance
Information Security Policy & Standards Management
Security Architecture and Secure Design Review
Identity & Access Management
Network Security and Infrastructure Security
Information Security Risk Assessment
Security Control Reviews
Regulatory Security Requirements (RBI, PCI DSS, ISO 27001, CERT-In, DPDP)
Business Continuity and Cyber Resilience
Security Metrics, Governance Reporting and Executive Communication
Strong stakeholder management and cross-functional collaboration skills

Qualifications: Bachelor’s Degree in Information Security/ Computer Science; Certified Information Systems Auditor (CISA); Certified Information Security Manager (CISM); PCI DSS/ ISO 27001 – Lead Auditor or Implementer

Did not find a matching job? You can still send your CV to jobs@sampoorna.com or Register Here