JobNob

Your Career. Our Passion.

Information Security Senior Executive (Audit and Compliance)


Voya India


Location

Bangalore | India


Job description

About Voya India: Voya India is a wholly owned subsidiary of the U.S. financial services company Voya Financial, a leading health, wealth, and investment company. We deliver innovative solutions to Voya’s Retirement, Employee Benefits, and Investment Management businesses.

Position Summary: The Information Security Senior Executive (Audit and Compliance) will be responsible for establishing and maintaining an effective information security governance program to ensure the confidentiality, integrity, and availability of the organization's information assets. The position will oversee the development and implementation of policies, standards, and procedures for information security management, and work closely with senior leadership to identify and mitigate information security risks. The position will also develop and implement an audit charter, including internal audits.

Position Description:

- Develop and implement an information security governance program in accordance with industry best practices and regulatory requirements.
- Oversee the development and maintenance of policies, standards, and procedures for information security management.
- Ensure compliance with relevant laws, regulations, and industry standards, including GDPR, PCI-DSS, and ISO 27001.
- Monitor and report on the effectiveness of the information security governance program and make recommendations for improvement.
- Develop and deliver information security awareness training to all employees.
- Manage third-party vendor security assessments and ensure compliance with security requirements.
- Develop and implement an audit charter including internal audits, external audits, compliance reviews, etc.
- Participate in incident response planning and assist with incident response activities as needed.
- Stay current with emerging threats and technologies in the field of information security governance.

Knowledge & Experience:

- B.E./bachelor’s degree in Information Security or a related field.
- 3+ years of experience in Internal Audit and Compliance.
- Strong knowledge of information security frameworks, including NIST, ISO 27001, and PCI-DSS.
- Experience developing and implementing information security policies, standards, and procedures.
- Excellent analytical and problem-solving skills, with the ability to prioritize and manage multiple tasks simultaneously.
- Strong written and verbal communication skills, with the ability to communicate complex information security concepts to technical and non-technical stakeholders.
- Ability to work independently and as part of a team, and to establish and maintain effective working relationships with internal and external stakeholders.
- Relevant professional certifications, such as ISO 27001 Lead Auditor, CISSP, CISM, or CRISC, are highly desirable.

