logo

JobNob

Your Career. Our Passion.

Associate Manager - Applications - 10218

GMR Group

Location

Varanasi | India

Job description

JOB PURPOSE

To Manage Information Security activities and ITSM processes related to Airport IT Operations. To ensure Security, Quality and Compliance of Systems, Services , Processes . To ensure IT Process Alignment with Business and Stakeholder Requirements

To manage Information Security activities and Information Technology Services processes governance relating to IT Operations to ensure confidentiality, integrity and availability of systems, services and associated information are in tune with business and stakeholders needs and adhering to regulatory & statutory requirements

ORGANISATION CHART

Accountabilities

Key Performance Indicators

Strategy and Governance

  • Reducing gap between current state and desired state to acceptable risks.
  • Roll out corporate Initiatives as per corporate guidelines
  • Propose, Review and Recommend cost-effective solutions
  • Design and review Security Architecture Design and review Security Performance metricsReview Policy effectiveness
  • No of Reviews
  • No of Architectural Changes

Information Risk Management

  • Asset Classification
  • Business Impact Assesments
  • Threat and Vulnerability evalautions
  • Risk Assesment and Risk Management
  • Evaluate information security controls and countermeasures
  • Integrate risk, threat and vulnerability identification and management into information management life cycle
  • Vulnerabilities ManagementFormulate and Review Risk Acceptance Criteria
  • No of Risks Identified/Mitigated
  • No of Critical Incidents
  • Information Security Program Development and management
  • Identify and evaluate information security technologies, emerging trends
  • Align information security architectures with changing business needs
  • Develop information security standards, procedures and guidelines implement and communicate information security policies, standards, procedures and guidelines
  • Design controls and review controls effectiveness
  • Information security requirements are embedded into contracts and third-party management processes Design, implement and report security metrics for testing the effectiveness and applicability of information security controls
  • No of deviations from Policy
  • % compliance

Key Accountabilities

Accountabilities Key Performance Indicators

Strategy and Governance, Reducing gap between current state and desired state to acceptable risks., Roll out corporate Initiatives as per corporate guidelines, Propose, Review and Recommend cost-effective solutions, Design and review Security Architecture Design and review Security Performance metrics Review Policy effectiveness No of Reviews, No of Architectural Changes

  • Information Risk Management, Asset Classification, Business Impact Assessments, Threat and Vulnerability evaluations, Risk Assessment and Risk Management, Evaluate information security controls and countermeasures, Integrate risk, threat and vulnerability identification and management into information management life cycle, Vulnerabilities Management Formulate and Review Risk Acceptance Criteria, No of Risks Identified/Mitigated, No of Critical Incidents
  • Information Security Program Development and management, Identify and evaluate information security technologies, emerging trends, Align information security architectures with changing business needs, Develop information security standards, procedures and guidelines implement and communicate information security policies, standards, procedures and guidelines ,Design controls and review controls effectiveness, Information security requirements are embedded into contracts and third-party management processes Design, implement and report security metrics for testing the effectiveness and applicability of information security controls. No of deviations from Policy,% compliance

Information Security Incident Management, Manage Security operations center, Escalate unresolved issues, Schedule and Conduct Vulnerability, Penetration and Configuration tests and report findings and track findings to closure, Evaluate incident and problem related security incidents,, Security Log alerts review, Co-ordinate for forensics and analysis with vendor SLA, % Critical Incidents, Impact on CIA

  • IT Service Delivery and Support, Implement Plan, do check and act management System, Design of ITIL compliant Process and Procedures, Rollout of ITIL compliant Process and Procedures, Design of Metrics and KPIs, Design of SLAs, Support IT services in floating RFPs and Proposals, Review Effectiveness of Metrics and KPIs, Awareness and Training, Customer Satisfaction Surveys, IT Services Complaints Management, Vendor and Supplier Performance Feedback, Configuration Audits, Change Manager / Service Delivery Manager (Governance),Asset Management ,Service Improvement Management No of Service Improvements, %Backlogs(Problem/Change),Adherence to BCP

IS / IT Audit Process Management, ISO 20000/270001: ,Schedule Internal and External Audits, Internal auditor /management representative, Review audit findings, Conduct Management Review meetings, Corrective and preventive actions, Improve management systems, Compliance to respective Standards,, No of NCs,)

EXTERNAL INTERACTIONS

External - Roles you need to interact with outside the organization to enable success in your day to day work

Concessionaires/Regulatory Agencies /Airlines: Information Security Approvals for new service requests. Non-disclosure Agreements MDI Acceptance and awareness on Information Security Policy Regulatory and Legal Compliance Data privacy and Protections Incidents/Breaches Quality assurance

  • Vendors Information Security Policy Compliance Physical and Environmental controls in use of facilities Review of Incidents/ Breaches Regulatory and Legal compliance Contracts and Procurement Info security guidelines Upgrades / Releases/Patches Security Bulletins Awareness and Training Vulnerability and Security Assessment tailored to business needs SLA Reviews Audits Event and log correlation Quality Assurance
  • Implementation Partners: (Dubai Technology Partners, TCL, TTSL, BSNL, Pathfinder, IBM, KRONOS). Review for security policy compliance with Data and Privacy regulations Quality Assurance
  • Implementation Partners: (Dubai Technology Partners, TCL, TTSL, BSNL, Pathfinder, IBM, KRONOS). Review for security policy compliance with Data and Privacy regulations Quality Assurance
  • OEMs (UFIS, RESA, IER, SAFEGATE, BOSE, SIEMENS COMMUNICATION, SITA) : Performance Review SLA review Incidents and Problem review Legal and Regulatory compliance Security Policy compliance Quality Assurance

INTERNAL INTERACTIONS

Internal - Roles you need to interact with inside the organization to enable success in your day to day work

Business units Aligning Business Requirements with security policy Awareness Programs Compliance and Regulatory Requirements Contractual requirements Human Resources Pre entry, entry and exit Physical and Environmental Requirements Business Continuity Tests Access Controls Quality Assurance

Joint Venture Partners (HMACPL, HDFRL, NOVOTEL, FUEL FARM) : Security policy alignment with business requirements Security Awareness Regulatory and Legal compliance SLA Reviews Quality Assurance

GHIAL employees Policy awareness Policies compliance Trainings Incident Reporting and Management Quality Assurance

DIAL IT & Corporate IT: Share best practices

CISO: Ensure corporate requirements are rolled out to business unit-GHIAL Review technological and business unit security requirements Quality Assurance

FINANCIAL DIMENSIONS

  • OPEX AOP SIEM Log monitoring and Compliance
  • Cost optimization and Revenue maximizations assurance activities

Other Dimensions

  • Team size: 1
  • Customers : 130
  • End users : 1000+ (staff across HIAL, GADL & Other companies inside the campus using IT services)

Education Qualifications

  • Required B.E (Computers / Electronics /IT)
  • Required Postgraduate in computer/ IT
  • Required CRISC (Certified in Risk and Information Systems Control) / or CISA/ or CISM
  • Desirable MBA

Relevant Experience

Minimum 9-11 Years in IT with at least 8 Years in Information security, quality and assurance functions

COMPETENCIES

  • Personal Effectiveness
  • Social Awareness
  • Entrepreneurship
  • Problem Solving & Analytical Thinking
  • Planning & Decision Making
  • Capability Building
  • Strategic Orientation
  • Stakeholder Focus
  • Networking
  • Execution & Results
  • Teamwork & Interpersonal influence

Job tags

Salary

GENERAL
Home
About
Contact
Blog
MORE PAGES
Popular searches
Urban popular searches
Cities
Companies
LEGAL
Privacy policy
Terms of service
eAccessibility commitment
logo
JobNob HQ Address
1 E Broad St
Ste 130 - 1252
Bethlehem, PA 18018-5934
United States
All rights reserved