IS Governance-GRC(Governance, risk and compliance)

Job Description for AVP - IS Governance

1. Oversee ISO 27001 maintenance activities

a. ISMS, policies, Procedures and hardening documents.

b. Risk assessment for in scope processes of the Bank

c. Manage Information Security awareness program

d. Perform internal audit for ISO 27001 and information security policy compliance.

2. Manage Bank wide risk assessments for information security

3. Manage Third Party Information Security Assessments of partners providing services to the Bank.

4. Upkeep and review the data flow diagrams with units and review Data Leakage policies.

5. Coordinate with various internal stakeholders for closure of all open IS issues /audit findings.

6. Risk assessment of banking solutions/ applications

7. Experience to data and network security tools would be added advantage

8. Support in defining security requirements for new platforms introduced in the Bank.

Qualification

Minimum Bachelor degree in engineering (Preferably Electronics, IT or Computer technology)

At least one Certifications from following should be done.

ISO 27001 LA / Implementer, CISA, CISM, CISSP

Experience

Minimum 4 years in information Security domain, preferably in banking or financial institutions.