Job Position : Information Security Manager
Job Description :
The Information Security Manager is expected to liaise with other teams (Internal & External) to manage Information & IT Security related activities with regard to RBI PSS, PCI DSS & other security compliance requirements like ISO 27001.
•Perform risk assessment, define all security controls to address the risks identified.
•Document non-compliance with standards and work towards timely resolution of any open issues with the respective application / process / stakeholder
Responsibilities
•Responsible for implementation of an Information Security Framework across all functions of the organization
•Work with stakeholders to define systems requirements for new technology implementations
•Defend security audits conducted by customers (Banks), PCI (VISA, MA) & regulatory bodies (RBI)
•Carry out BCP & DR Drills
•Implement a cost-effective Information Technology security program for the Organization including policies, procedures, guidelines, awareness training, overall security infrastructure and monitoring
•Responsible for the design and operation of related compliance monitoring and improvement activities to ensure compliance both with internal security policies etc. and applicable laws and regulations
•Lead, design, implement, operate and maintain Information Security compliance program
•Champion PCI DSS certification & other security certifications
•Create procedures, perform system security audits, penetration-tests, and vulnerability assessments
•Proactively conduct internal audits based on security policies defined, highlight non-compliances and suggest actions to resolve the same
•Monitor FIM & SIEM tool alerts
•Prepare & send status reports to all key stakeholders
Qualifications
•BE/Any other relevant graduate technical degree with at least 6-8 years of full-time work experience in information security management and/or related functions (such as IT audit and IT Risk Management)
•Information security management qualifications such as CISSP, CISM, or CISA mandatory
•Additional relevant professional certifications will be an advantage.
Skills
•PCI DSS Certification / exposure is mandatory
•Experience with security standards like ISO 27001, PCI-DSS, PA-DSS with sound knowledge in data and transaction security especially end-to-end Key management and PIN encryption
•Deep understanding of information security principles and best practices required
•Experience in having completed at least 1 end-to-end PCI-DSS scope discovery, system audit and resolution of non-compliances
•Experience in execution of BCP & DR Drills for systems & applications
•Experience in implementing and/or managing security change projects in medium to large enterprises
•Experience in implementation/review of Network Security Architecture, Infrastructure Security, Vulnerability Assessment/Penetration Test etc.
•Good analytical and communication skills
•Ability to interact with senior management of the company and enlist their commitment to all Security Process initiatives
•Ability to champion and draw support from all staff from the various departments of the company in a tactful manner
•Ability to work in teams and escalate “critical” issues to his/her Supervisor
•Ability to work under pressure to meet tight deadlines
Experience
•Should have worked in Banking or Financial Services domain
•8-10 years in similar capacity in the Payments space working for IT related Systems Integration house or Service Provider organization similar to the Company.
•Exposure to payment services such as Payment Switch, ATM, POS, Card Issuance will be preferred
Company Name : Client of Symmetrical
Location : Mumbai
Job Code : HR/SGS/329
Experience : 8
Job Salary
Last Date To Apply : 30.08.2014
Posted on : 21.7.2014