Hyderabad Jobs |
Banglore Jobs |
Chennai Jobs |
Delhi Jobs |
Ahmedabad Jobs |
Mumbai Jobs |
Pune Jobs |
Vijayawada Jobs |
Gurgaon Jobs |
Noida Jobs |
Hyderabad Jobs |
Banglore Jobs |
Chennai Jobs |
Delhi Jobs |
Ahmedabad Jobs |
Mumbai Jobs |
Pune Jobs |
Vijayawada Jobs |
Gurgaon Jobs |
Noida Jobs |
Oil & Gas Jobs |
Banking Jobs |
Construction Jobs |
Top Management Jobs |
IT - Software Jobs |
Medical Healthcare Jobs |
Purchase / Logistics Jobs |
Sales |
Ajax Jobs |
Designing Jobs |
ASP .NET Jobs |
Java Jobs |
MySQL Jobs |
Sap hr Jobs |
Software Testing Jobs |
Html Jobs |
Job Location | Mumbai City |
Education | Not Mentioned |
Salary | Not Disclosed |
Industry | Banking / Financial Services |
Functional Area | General / Other Software |
EmploymentType | Full-time |
*Were looking for an Information and Cyber Security Risk Officer (ISRO) to work within our Digital Bank. Were a small, but growing, and have new and very exciting problems to solve. We work in project-based sprints in small, interdisciplinary teams.As an ISRO youd be able to work on and solve some of the many interesting challenges we are facing, learn new ways of working, and build delightful high-quality products for our customers.Job DescriptionThe ISRO will have a strong understanding of operating in a second line capacity within the risk management organization, and can respond flexibly and collaboratively to evolving business, regulatory and threat requirements. The role reports directly to the Chief Information and Cyber Security Risk Officer (CISRO) to address information and cyber security (ICS) as a principal risk type for the Venture and support the Venture s overall Enterprise Risk Management strategy. The role will work closely with the CISO and Technology teams to provide oversight and challenge of ICS risk management and control effectiveness.The Role Responsibility:Assist the CISRO to develop and implement the ICS Risk Type Framework, Policies and Standards for the Venture; Oversee and challenge the first line ICS risk management proposals and risk-taking activities; Providing guidance to the first line if the activities are not in line with the Risk Appetite; Ensure the first line implements controls to comply with applicable laws and regulations and escalate significant regulatory non-compliance matters and developments to the CISRO; Monitoring of ICS risks and associated remediation plans; Establish strong relationships with relevant stakeholders and understand their strategic goals.Our Ideal Candidate:Degree in Engineering, Computer Science/Information Technology or its equivalent. Exposure to cloud native architecture, services, technologies and ways-of-working, including but not limited to: microservices, containerisation, orchestration (Kubernetes) One or more of the following certifications will be strongly preferred: Certified Information Systems Security Professional (CISSP) Certified Information Security Manager (CISM) SANS Global Information Assurance Certifications (GIAC) Certified in Risk & Information Systems Control (CRISC) Certified Information Systems Auditor (CISA) Strong knowledge of cyber security frameworks (e.g. NIST, ISO/IEC 27000-series), information security principles, architecture, and cryptography 10 years practical knowledge and experience in the ICS field in Banking and Financial services. Exposure or hands-on experience in infrastructure / web application penetration testing, technical design vulnerability assessment and operational security risk assessments is preferred. Knowledge of MAS regulatory requirements related to Technology and ICS risk (MAS 644, 655, TRMG 2021) Strong analytical skills and ability to priorities, make decisions, and work to tight timeframes. Strong communication skills oral, written and presentation. Strong interpersonal and stakeholder management skills, across various levels in the organization including senior leadership. Must be a self-starter who is able to initiate and successfully drive programs and projects to completion with little or no management supervision,
Keyskills :
certified information security managerstrong analytical skillsenterprise risk managementstrong communication skillssecurity riskcyber securityrisk managementweb applicationenterprise risktechnical design