Manager

7 - 12 Years
Gurgaon

Job Description

The candidate shall be responsible for the following:

Information Security Program Leadership:
  • a) Align closely with the business objectives and strategy of the company.
  • b) Provide advice and support to management and information users in the implementation of Information and Cyber Security Policy.
  • c) Manage DPLI-wide information security governance processes, convene the Information Security Committee meetings and lead the Information Security liaisons in the establishment of an information security program and project priorities
  • d) Align closely with IT and other functional teams to:
  • a. Monitor implementation of information security projects / tools / technologies of next generation such as identity & access management (Network access, Privilege access, identity access, single sign-on, MFA, MDM) & Data protection (e.g. cryptography, cloud security etc.)
  • b. Resolve & manage security issues that require an in-depth understanding of the IT environment.
  • e) Oversee the selection testing, deployment, and maintenance of security hardware and software products as well as outsourced arrangements
Policy, Compliance and Audit
  • a) Responsible for all compliance and audits whether regulatory, internal or external from IT side, be a representative, at regulator and industry forums.
  • b) Provide leadership, direction and guidance in assessing and evaluating information security risks and monitor compliance with security standards and appropriate policies.
  • c) Oversight on compliance with the changing laws and applicable regulations such as PCI, IRDAI, and Cert-FIN.
  • d) Lead the development and implementation of effective and reasonable policies and practices to secure protected and sensitive data and ensure information security and compliance with relevant legislation and legal interpretation.
  • e) Coordinate with Internal / external auditors, and outside consultants as appropriate on required security assessments and audits.
Risk Management and Incident Response
  • a) Perform information security risk assessments with respect to Company's functional security domains as well as 3rd party vendor environments on an ongoing basis and report any significant risks to the ISC / senior management.
  • b) Building Information & Cyber Security Risk metrics / dashboards & reports for parameters across various domains.
  • c) Manage the Information and Cyber Security policy & standards of the Organization, incorporate feedback on the implications of the policy from the senior management and other business units.
  • d) Control & facilitate the identification, response, investigation, remediation and reporting of information security incidents
  • e) Managing the advance threat protection & strengthen the cyber incidents response framework & capabilities
  • f) Develop, implement and administer technical security standards, as well as a suite of security services and tools to address and mitigate security risk.
  • g) Examine impacts of new technologies on the organization's overall information security.

BCP and Cyber Crisis Management

  • a) Responsible for the BCP program of the company
  • b) Ensure Business and IT Resilience goals are met through planning, development and timely review & testing of BCP and DR plans covering people, site, technology and vendor outage scenarios
  • c) Ensure high availability, architectural resilience & recoverability requirements are met for applications and IT Infrastructure as per agreed RTO /RPO driven from BIA
  • d) Conduct annual BCP Risk Assessment against technology, environmental and geo-political risks and advice senior management on BCP strategies to cover short to long outage scenarios for site/city /country
  • e) Maintain and test the cyber crisis management plan to respond to cyber crisis, including threat intelligence services, detection, containment, response, recovery, forensic investigation root cause analysis.
  • f) Conduct periodic scenario-based simulation /table top crisis drills to evaluate and validate adequacy of Incident Management and recovery run-books/playbooks for multiple Cyber Risk events and emerging threats. Present the findings to Senior Management and follow-up on remediation /corrective actions
  • g) DR /BCP KPIs and Compliance Dashboards & Reports via self-service
Outreach, Education and Training
  • a) Promote user awareness initiatives within the organization develop and maintain IS policy, standards, procedures and guidelines to support the organizations' information security program.
  • b) Transform the information security program into specific actions which shall include awareness, security infrastructure, security incident response and risk management.
Create education and awareness programs and advise business units at all levels on security issues, best practices.

Perks and Benefits

Negotiable

Salary: INR 7,00,000 - 9,00,000 PA.

Industry:Insurance

Keyskills

Desired Candidate Profile

Please refer to the Job description above

Company Profile

Pramerica Life Insurance Limited

Pramerica Life Insurance Limited (PLIL), headquartered in Gurgaon, provides a wide range of life insurance solutions for individuals as well as groups. We take care of our customers' various financial protection needs such as securing their child's future, retirement planning, savings and wealth creation.
View Contact Details+

Recruiter Name:Pooja Tiwari

Contact Company:Pramerica Life Insurance Limited