As a Security Risk and Regulatory Compliance manager
You'll be:
Ensuring the operational enforcement of, and compliance with, various security standards related to IT Security, Physical Security, Personnel Security, Cyber, Privacy, Data Protection, Network Security and Regulatory security.
Having experience in enterprise risk management, threat modeling and vulnerability assessment
Having an understanding of operations and extensive experience of performing security assessments across suppliers, vendors and internal shared functions like HR/IT/Procurement etc.
Having domain knowledge and experience of performing security assessments and recommending corrective measures for Data, Cyber, Physical security, customer security and industry standards such as ISO 27001, SOC2, PCI, NIST, CIS-18 etc.
Possessing technological understanding of controls for Data protection, Data privacy principles and Industry security standards, cryptography, network/application security, web security, etc.
Understanding of network perimeter security, Cyber Security operations, SIEM tools and solutions, SOC design and operations, Incident management
Ability to perform Physical security design reviews (Perimeter security, CCTV, Access control etc.) and recommend/test controls
Managing the day-to-day site security governance and operations by enforcing BT's Security standards and policies across business operations, suppliers, shared functions like IT, HR, Facilities management etc.
Working with other groups in Information Security and other functions in organization for ensuring seamless alignment of Security with business operations / transformation processes
Able to clearly articulate and communicate verbally and in writing the security risks in various domains and work with senior management to mitigate the same
Managing emergency response plans to deal with cyber security incidents and reporting threats to relevant bodies.
Managing Information Security awareness program.
Maintains security and operational efficiency metrics through comprehensive reporting, including ad-hoc requests, historical/trend reporting, and tracking against established baseline
Manages where needed Security Team Members to ensure high performing and well motivated people delivering a specific function or service.
Able to undertake travels to perform the physical, environmental and cyber security assessments and incident responses
Managing your stakeholders, timely reporting and collaboration