Assistant Vice President - Cyber Security

Position Title : Associate Vice President - Cyber Security. Role : Assist the CISO by managing Core Cyber Security programs and handling strategic planning of Cyber security. Reporting To : Chief Information Security Officer (CISO). Key Responsibilities : - Handling the Core Security infrastructure planning, architecture & security operations. - Drawing up and implementing new Cyber security initiatives, preparing cyber security architecture of the meet its projected needs and to remain abreast of times in terms of Cyber Security Standards & Procedures. - Guiding and monitoring Vulnerability management program, Red team exercises, Cyber Resilience exercises etc. - Initiating pro-active compliance measures to comply with legal & regulatory as well as group guidelines. Key Performance Areas : - ICT Security Infrastructure / Cyber Security Planning. - Draw and update periodically Cyber Security program. - Analyse and establish security requirements/ systems/networks including Cloud setups. - Defend systems against unauthorized access, modification and / or destruction. - Design Offensive and Defensive Security practices. - Design vulnerability management program and conduct various types of security compliance assessments / Vulnerability testing, risk analysis etc. to ensure operational security. - Defining security standards for different areas like technology risk assessment, access privileges, control structures and resources. - Oversee and monitor routine security administration. - Manage Cyber Security Maturity Assessment initiatives. - Establish cyber security requirements for Third Party / External Party system integrations with Company's systems as well as support for Third Party Infosec risk management. - Support for establishing day-to-day monitoring practices of Cyber SOC based on legal / regulatory requirements and best practices. - Incident Management : Respond immediately to security incidents, manage remediation and provide post-incident analysis, identify abnormalities and report violations. - Train fellow employees in security awareness, protocols and procedures. - Research and recommend security upgrades, new security solutions etc. - Provide technical advice to colleagues. Management reporting : - Co-ordinate with external/regulatory agencies. Vendor Management : - Maintain relationships with company's partners who support various IT security infrastructure components, reviews / assessments etc. - Enhance the level of monitoring mechanisms for these partners' performance and delivery standards / SLAs. - Negotiate contracts with vendors and manage costs and schedule of deliverables. - Work with multi department and multi vendor situations. Compliance : - Ensure implementation of proper standards for cyber risk governance as well as regulatory compliance. - Be responsible for cyber security management and compliance with Information and Cyber Security policy framework as well as legal /regulatory. - Prescriptions and Group guidelines. Provide Expertise : - Provide industry expertise in all aspects of the Cyber security needs/program. - Track a broad range of emerging cyber security technologies to determine their maturity and applicability to the Company. - Map current and future cyber security standards. - Develop standards and benchmarking for IT security being used in the company. - Evaluate the cost efficiency of emerging security related technologies and assess their applicability to current needs of the company. Critical competencies : - Professional degree /certifications : - Knowledge in the areas of Information and Cyber Security. - Team building, Coordination, Follow-up, Persuasive. Person Profile : - Engineering Graduate/ Management Graduate with ISO 27001 LA / CEH. - Preference will be given to candidates having professional certifications of CISSP / CISA/CISM/CRISC and having knowledge as well as job experience on ISO 27001 implementation/system administration/management of application software development & support apart from the above cyber security mgmt experience. Key Skills : - Keen interest in Information and Cyber Security and developments in the sector. - Attention to detail, analytical abilities and the ability to recognize trends in data. - Creativity and patience; Logic and objectivity; Inquisitive nature. - Proactive approach with the confidence to make decisions. - Methodical and well-organized approach to work. - Ability to work under pressure and meet deadlines. - Good communication skills and the ability to interact effectively with a range of people. - Understanding of confidentiality issues and the law relating to them. Key Interactions : - Chief Actuary & Chief Risk Officer, CIO, CISO, CITSO, CAO, Group CISO. - Head/Team Leader of different teams of IT, Risk Mgmt. and Business Departments, Key Persons at Offices & Branches. - Information Security Consultants/Service Providers. Measures of success : - Successful Implementation and management of Cyber Security Programs in mitigating the overall cyber security risks of the company. - Information and Cyber Security responsibilities are effectively communicated to all role holders. - Cyber Risk mitigation measures are appropriate and in line with global best practices. (ref:hirist.tech)

Location: mumbai, IN

Posted Date: 3/13/2025