Information Security Manager
Mumbai, India
DSP Mutual Fund
DSP Mutual Fund is a mutual fund investment company in India. Invest in all types of mutual fund schemes online with DSP today.
The purpose of this role is to ensuring confidentiality, integrity and availability of data and systems. Help protect the organization against evolving cybersecurity threats and regulatory challenges.
Objectives of the role:
Qualifications:
Objectives of the role:
- Review and update all existing policies and procedures based on identified gaps.
- Implement awareness programs/campaigns/Phishing simulations to keep employees informed about the importance of adhering to Cybersecurity policies.
- Regularly review and update the BCP to reflect changes in business operations, technology, and emerging threats.
- Prepare a detailed report summarizing the drill, including performance metrics, identified gaps, and recommendations for improvement.
- Schedule regular board and committee meetings to review organizational performance and strategic initiatives.
- Communicate & track Risk Assessment and Internal/External Audit findings till closer.
- Develop dashboards and reports to visualize and track performance against established metrics.
- Maintain a risk register to document identified risks, their potential impacts, and likelihood.
- Provide regular updates on risk management activities, including identified risks, mitigation efforts, and outcomes.
- Maintain thorough documentation of compliance activities and prepare timely and accurate reports for regulatory authorities as required.
- Responsible for Identity Management/ Identity & Access Governance/ Access Management. Maintaining user access and need to know basis privileges to produce sensitive data.
- Make recommendations to enhance information security, including processes, procedures, governance approaches, and compliance. Partner with Control and Compliance peers who lead and manage engagements with Internal/External Auditors as well as Regulatory Examiners.
- Understanding of Cloud Computing/Security concepts and Cloud Security Governance.
- Understanding of Data Privacy, GDPR, Data Protection, Data Classification.
- Technical knowledge and understanding of vulnerabilities and its impact, OWASP framework.
- Experience working with internal and external auditors and regulatory examiners in a corporate organization.
- Must have knowledge of risk management disciplines; security policies and standards; security awareness; IS risk management controls; 3rd party / vendor management.
- Proven experience implementing and rolling out key initiatives and tools.
- Knowledge of latest cyber security trends & global industry best practices pertaining to financial Industry.
- Understand concepts of controls and compliance.
- Excellent Interpersonal and Communication skills.
- Strong understanding of standards and frameworks ISO 27001, NIST, PCI DSS etc.
- Stakeholder Management
Qualifications:
- Bachelor's degree in Computer Science or equivalent.
- At least 1 of the following Certification: CEH, CISM, CRISC, CISA, ISO 27001.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Job stats:
2
0
0
Category:
Leadership Jobs
Tags: CEH CISA CISM Cloud Compliance Computer Science CRISC GDPR Governance ISO 27001 NIST OWASP PCI DSS Privacy Risk assessment Risk management Vendor management Vulnerabilities
Region:
Asia/Pacific
Country:
India
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.
Senior Security Analyst jobsInformation System Security Officer jobsSenior Cloud Security Engineer jobsInformation Security Specialist jobsInformation Security Manager jobsSenior Cybersecurity Engineer jobsSenior Network Security Engineer jobsSecurity Consultant jobsIT Security Engineer jobsCyber Security Specialist jobsSenior Penetration Tester jobsSenior Information Security Analyst jobsSecurity Specialist jobsSenior Cyber Security Engineer jobsChief Information Security Officer jobsSystems Engineer jobsSystems Administrator jobsSenior Product Security Engineer jobsPrincipal Security Engineer jobsInformation System Security Officer (ISSO) jobsStaff Security Engineer jobsCloud Security Architect jobsIT Security Analyst jobsSecurity Operations Analyst jobsInformation Systems Security Engineer jobs
Encryption jobsPowerShell jobsDevSecOps jobsKubernetes jobsSaaS jobsIDS jobsEDR jobsSplunk jobsSDLC jobsIPS jobsRMF jobsSQL jobsTop Secret jobsBash jobsIntrusion detection jobsThreat detection jobsCompTIA jobsITIL jobsFinance jobsActive Directory jobsDoDD 8570 jobsOWASP jobsCRISC jobsBanking jobsDocker jobs
UNIX jobsTCP/IP jobsVPN jobsSANS jobsClearance Required jobsHIPAA jobsGIAC jobsIT infrastructure jobsTerraform jobsSOC 2 jobsSOX jobsOSCP jobsCISO jobsData Analytics jobsJavaScript jobsIndustrial jobsCCSP jobsDNS jobsSOAR jobsGCIH jobsMITRE ATT&CK jobsAnsible jobsPolygraph jobsJira jobsSecurity strategy jobs