Information Security Manager

Mumbai, India

DSP Mutual Fund

DSP Mutual Fund is a mutual fund investment company in India. Invest in all types of mutual fund schemes online with DSP today.

View all jobs at DSP Mutual Fund

Apply now Apply later

The purpose of this role is to ensuring confidentiality, integrity and availability of data and systems. Help protect the organization against evolving cybersecurity threats and regulatory challenges.
Objectives of the role:
  • Review and update all existing policies and procedures based on identified gaps.
  • Implement awareness programs/campaigns/Phishing simulations to keep employees informed about the importance of adhering to Cybersecurity policies.
  • Regularly review and update the BCP to reflect changes in business operations, technology, and emerging threats.
  • Prepare a detailed report summarizing the drill, including performance metrics,  identified gaps, and recommendations for improvement.
  • Schedule regular board and committee meetings to review organizational performance and strategic initiatives.
  • Communicate & track Risk Assessment and Internal/External Audit findings till closer.
  • Develop dashboards and reports to visualize and track performance against established metrics.
  • Maintain a risk register to document identified risks, their potential impacts, and likelihood.
  • Provide regular updates on risk management activities, including identified risks, mitigation efforts, and outcomes.
  • Maintain thorough documentation of compliance activities and prepare timely and accurate reports for regulatory authorities as required.
  • Responsible for Identity Management/ Identity & Access Governance/ Access Management. Maintaining user access and need to know basis privileges to produce sensitive data.
  • Make recommendations to enhance information security, including processes, procedures, governance approaches, and compliance. Partner with Control and Compliance peers who lead and manage engagements with Internal/External Auditors as well as Regulatory Examiners.
  • Understanding of Cloud Computing/Security concepts and Cloud Security Governance.
  • Understanding of Data Privacy, GDPR, Data Protection, Data Classification.
Skills Required:
  • Technical knowledge and understanding of vulnerabilities and its impact, OWASP framework.
  • Experience working with internal and external auditors and regulatory examiners in a corporate organization.
  • Must have knowledge of risk management disciplines; security policies and standards; security awareness; IS risk management controls; 3rd party / vendor management.
  • Proven experience implementing and rolling out key initiatives and tools.
  • Knowledge of latest cyber security trends & global industry best practices pertaining to financial Industry.
  • Understand concepts of controls and compliance.
  • Excellent Interpersonal and Communication skills.
  • Strong understanding of standards and frameworks ISO 27001, NIST, PCI DSS etc.
  • Stakeholder Management
Experience needed:This position requires minimum 6-9 years of relevant experience
Qualifications:
  • Bachelor's degree in Computer Science or equivalent.
  • At least 1 of the following Certification: CEH, CISM, CRISC, CISA, ISO 27001.
Apply now Apply later

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Job stats:  2  0  0
Category: Leadership Jobs

Tags: CEH CISA CISM Cloud Compliance Computer Science CRISC GDPR Governance ISO 27001 NIST OWASP PCI DSS Privacy Risk assessment Risk management Vendor management Vulnerabilities

Region: Asia/Pacific
Country: India

More jobs like this

Explore more career opportunities

Find even more open roles below ordered by popularity of job title or skills/products/technologies used.