Head of Information Security- Business Continuity and Privacy - India
First Abu Dhabi Bank (FAB)
Location
Mumbai | India
Job description
Company Description
Join the UAE's largest bank and one of the world's largest and safest financial institutions. Our focus is to create value for employees, customers, shareholders, and communities to grow through differentiation, agility and innovation.
We are looking for a skilled
Head of Information Security - Business Continuity and Privacy - India in our FAB office in Mumbai. Accelerate your growth as you help us reach our goals and advance your career. Be ready to make your mark a top company, in an exciting and dynamic industry.
Job Description The Head of Information Security will be responsible for managing the FAB's Information Security Program for the country.
The Information Securiy Officer will be responsible for planning, monitoring and reviewing the information security program for India in consultation with Group Security Office – Head office team. The ISO shall ensure the information security program is in alignment with the regulatory, legal and statutory requirements of India and the business strategy. The Information Security Officer role will be operating out of the Mumbai branch in India and will require travel within the country while fulfilling the responsibilities. The ISO will also support the branch's BCM and privacy requirements.
Key Accountabilities - Review and Maintain Security Policies, Standards, and Procedures for India.
- Participate in discussion and coordinate activities between local business units, support functions, Compliance Team, IT and GSO – HO for information security, planning, implementations and review
- Ensure information security compliance as per regulatory requirements.
- Update International Location Executive management regarding information security initiatives, major risk, threats, attacks and incidents.
- Review new regulatory legislations; promptly communicate all regulatory notices/circulars to all concerned areas, provide interpretations if necessary; develop/monitor action plans towards its implementation.
- Assist Head office during Regulatory Examinations; ensure implementation/regularization of observations linked to compliance while meeting the deadline(s).
- Review Technology Risk Assessments, RCSA and Third party Risk assessments.
- Assist and support for Internal and External Audits. Monitor and track all open issues with IT and concerned international SPOCS for India.
- Oversee the tracking and closure of related findings.
- Govern the security awareness program for India staff, Offshore development centres and respective regional staff.
- Provide support to FAB CSIRT for information security incident and data breach handling.
- Coordination with International Business units/Fraud Risk / GSO for digital forensic investigation
- Review and assess the regulatory compliance circulars/notices, discuss with GSO- HO and enforce security controls as applicable.
- Assist Group Security – Head Office team in vulnerability assessment and penetration testing.
- Review Management Dashboards/Security MIS related to Patching, VA, PT, Baselines and end point security controls
- Assess and Review Change Requests and Security Exceptions for India.
- Review BRDs, Solution Design, Concept Design and any other requirements for India business units.
- Review and track compliance for Data Privacy and Protection controls.
- Review KPI and KRI for country information security processes
- The Head of Information Security will be responsible for bringing to the notice of the Branch Risk and group Information Security Committees
Qualifications - Information Security or IT Security or IS Audit background
- Must be having a minimum 8 years of Information Security Experience.
- Expert knowledge of Information Security Domains and should be certified (CISA, CISSP or CISM or any other relevant security certification)
- Experience in a similar type of role in a multinational business and dealing with regulatory authorities, governments and industry bodies
- Experience in managing security compliance teams
- Knowledge of RBI guidenlines on Cyber security, Business contuinity, Information Technology (IT) Act, local privacy regulations is a prerequisite
- Knowledge of regional and global regulations and other information security standards. will be an added advantage.
- Ability to make good judgments regarding security risk and to prioritize resources and activity around managing those risks
- Able to conduct the role independently and with integrity
- Ability to plan, organize and prioritize tasks and projects
- Good communication skills capable of dealing with wide range of stakeholders.
- Fluent in English (mandatory)
Job tags
Salary
