Job Position : Information Security Manager
Job Description :
Candidate shall be part of the Technology team and responsible for Information Security Management.
•Responsible for defining and implementing processes to ensure full compliance with information security best practices and other payment-specific security compliances & regulations.
•The Information Security manager is expected to liaise with other teams (Internal & External) to manage Information & IT Security related activities with regards to RBI PSS, PCI DSS & other security compliance requirements like ISO 27001.
•Perform risk assessment, define all security controls to address risks identified.
•Document non-compliance with standards and work towards timely resolution of any open issues with the respective application / process / stakeholder.
Responsibilities
•Responsible for implementation of an Information Security Framework across all functions of the organization
•Work with stakeholders to define systems requirements for new technology implementations
•Defend security audits conducted by customers (Banks), PCI (VISA, MA) & regulatory bodies (RBI)
•Carry out BCP & DR Drills
•Implement a cost-effective Information Technology security program for the Organization including policies, procedures, guidelines, awareness training, overall security infrastructure and monitoring
•Responsible for designing and operation of related compliance monitoring and improvement activities to ensure compliance both with internal security policies etc. and applicable laws and regulations
•Lead, design, implement, operate and maintain Information Security compliance program
•Champion PCI DSS certification & other security certifications
•Create procedures, perform system security audits, penetration-tests, and vulnerability assessments
•Proactively conduct internal audits based on security policies defined, highlight non-compliances and suggest actions to resolve the same
•Monitor FIM & SIEM tool alerts
•Prepare & send status reports to all key stakeholders
Skills
•PCI DSS Certification / exposure is mandatory
•Experience with security standards like ISO 27001, PCI-DSS, PA-DSS with sound knowledge in data and transaction security especially end-to-end Key management and PIN encryption
•Deep understanding of information security principles and best practices required
•Experience in having completed at least 1 end-to-end PCI-DSS scope discovery, system audit and resolution of non-compliances
•Experience in execution of BCP & DR Drills for systems & applications
•Experience in implementing and/or managing security change projects in medium to large enterprises
•Experience in implementation/review of Network Security Architecture, Infrastructure Security, Vulnerability Assessment/Penetration Test etc.
Qualification
•BE/Any other relevant graduate technical degree with at least 6-8 years of full-time work experience in information security management and/or related functions (such as IT audit and IT Risk Management)
•Information security management qualifications such as CISSP, CISM, or CISA mandatory
•Additional relevant professional certifications will be an advantage
Experience
•Should have worked in Banking or Financial Services domain
•8-10 years in similar capacity in the Payments space working for IT related Systems Integration house or Service Provider organization similar to company.
•Exposure to payment services such as Payment Switch, ATM, POS, Card Issuance will be preferred
Company Name : Client of Symmetrical
Location : Mumbai
Job Code : HR/SGS/528
Experience : 8
Job Salary
Last Date To Apply : 30.11.2014
Posted on : 6.11.2014