Job Description
• Establish, implement, and monitor a strategic, comprehensive enterprise information security and IT risk management program
• Work directly with the business units to facilitate risk assessment and risk management processes
• Develop and enhance an information security management framework
• Understand and interact with related disciplines through committees to ensure the consistent application of policies and standards across all technology projects, systems and services
• Provide leadership to the enterprise's information security organization
• Partner with business stakeholders across the company to raise awareness of risk management concerns
• Assist with the overall business technology planning, providing a current knowledge and future vision of technology and systems
• Conduct regular internal audits in compliance with applicable legal and contractual requirements, ISO 27001, HIPPA and PCI DSS requirements and company’s internal requirements
• Conduct regular Management reviews and update the management on information security aspects. The MRMs shall also focus on drawing Management attentions to the key areas for required management actions.
• He is responsible to ensure customer audits as well as re-certification and surveillance audits and successful.
• Coordinate with relevant stakeholders to address the NC closures.
• He shall ensure the information incidents are responded and resolved on time to ensure compliance with legal and contractual requirements.
• Support internal and external Audits like PCI DSS, HIPPA, SOX and ISO27001
Desired Skills/Experience:
• Bachelor’s Degree in technology or Engineering or a technology-related field required.
• Professional security management certification CISM, CISSP, CISA etc.
• Minimum of 10 to 16 years of experience in a combination of risk management, information security, 3rd party security and IT jobs
• Knowledge of common information security management frameworks, such as ISO/IEC 27001, and PCI DSS.
• Hands-on experience on application security, VAPT, System hardening, SEPM, SIEM, WAF etc…
• Excellent written and verbal communication skills and high level of personal integrity
• Innovative thinking and leadership with an ability to lead and motivate cross-functional, interdisciplinary teams
• Experience with contract and vendor negotiations and management including managed services.
• Specific experience in Agile (scaled) software development or other best in class development practices.
• Experience with Cloud computing and security across virtualized environments
💡 Quick Summary
Seeking a career-building opportunity? The Information Security Manager position is now open for candidates interested in the BPO Jobs sector. This role in Kolkata offers a professional environment and growth potential.
Requirement Snapshot: Candidates should possess basic communication skills, a proactive attitude, and the ability to work in a team. Experience in BPO Jobs is a plus.
