AVP - DATA PRIVACY AND BUSINESS INFORMATION SECURITY - LEADING MNC - CISSP, CISA, CRISC, CISM
- Full-time
Company Description
- A leading financial company
Job Description
AVP - DATA PRIVACY AND BUSINESS INFORMATION SECURITY - LEADING MNC - 8-12 YRS - MUMBAI
B.E./ B.Tech./ MCA in IT or CS.
ROLE:
- Understand the key assets and processes, identify and evaluate risks and controls, and suggest incremental controls or risk mitigation strategies
- Responsible for complex privacy and/or security matters and privacy programs in compliance with ISO 27001, GDPR and other global privacy laws and regulations (with additional consideration for sector-specific experience in financial services, insurance, education, telecom, biometrics, or digital advertising)
- Drive data breach preparation, risk mitigation, coordination and responses
- Drive Technology transactions related to privacy and security-related due diligence and advising.
- Ensure business compliance with Information Security Policies and Standards while continuously monitoring and reporting on risks and documented exceptions
- Develop and maintain an in-depth understanding of region/business unit processes, systems, technologies, data, customers, consumers, partners
- Review and audit the Information Security Policies and Standards and technical implementations of security solutions required to meet business objectives
- Identify noncompliance and areas of potential improvement, and issue corrective actions
- Provide escalation path for security issues, incidents and inquiries
- Review work of the Security Incident Response and Crisis Management teams to ensure incidents are effectively driven to acceptable resolution; assist with investigations as needed
- Work with the Compliance and Information Risk Management team to drive policy and regulatory compliance.
EXPERIENCE:
- Certification pertaining to information security and data privacy protection (CISSP, CISA, CRISC, CISM, etc.)
- Experience in the design and implementation of information security programs
- Experience in compliance, government or financial industry.
- Expert level understanding of key network and technical security controls
- Security best practices including experience with ISO 27001 and PCI DSS
Qualifications
Certifications: CISA/ CISSP/ COBIT/ ITILv3/ CISM/ CRISC/ ISO27001