The incumbent must have broad knowledge and experience in Information Security and Project Management.
Degree or equivalent experience: Bachelor’s degree or equivalent.
Years of experience: 8+ years’ experience in Banking / Information Security activities and Project Management.
Certifications: PMP, CISSP, CISA, CISM, ISO 27001 LA / LI and PCI DSS related certifications.
Must have a working knowledge of Risk Assessment, Vulnerability Assessment, Penetration Testing, Application Security, Baseline Review, Business Continuity Planning (BCP) and Disaster Recovery (DR).
Must be able to translate information security requirements into business needs and vice versa.
Should be able to explain the VAPT findings to technical and non-technical teams.
Should be able to track and coordinate with different teams to close the risks identified during the VAPT exercise.
Must have a solid understanding of Information Security standards and compliance requirements such as ISO 27001, PCI DSS, OWASP, NIST, SANS, and CIS.
Must have experience with creating information security project RFPs.
Should be business-driven with a thorough and proven understanding of Banking activities and products.
Responsible for undertaking structured analysis of vendor proposals for the supply of new InfoSec solutions in close collaboration with the concerned business unit(s).
Responsible for the execution of projects to implement selected new InfoSec systems.
Responsible for the preparation of a plan for the complete project lifecycle of assigned projects and for the update of these plans during that lifecycle.
Accountable for managing the allocated budget for assigned projects and reporting
Responsible for the identification and management of project risks for each assigned
Responsible for recording and managing the business area and technical issues in each of the assigned projects.
Responsible for the coordination of required business area resources needed for the completion of assigned projects.
Strict adherence to the PMO framework and full compliance with PMO processes.
Must be able to prepare project status update presentations and present to senior management and project stakeholders on a need basis.
Should be able to draft Information Security Awareness Newsletters and