CISO - UTIMF | Scrabble
Posted on March 25, 2023
Job Description
CISO at UTI AMC, a financial services company, is responsible for overseeing and
directing the company's information security program. This role involves managing a
team of Risk and security professionals and ensuring that the company's information
systems and data are protected from unauthorized access, theft, or misuse.
The role requires strong leadership, communication, and collaboration skills, as well
as expertise in information security and risk management.
Reporting to: Chief Risk Officer
Band: Executive Vice President
key responsibilities:
1. Developing and implementing information security policies and procedures
that are consistent with regulatory requirements and industry best practices.
2. Conducting risk assessments and identifying potential security threats and
vulnerabilities.
3. Developing and implementing strategies for mitigating security risks and
ensuring the confidentiality, integrity, and availability of information.
4. Ensuring compliance with legal and regulatory requirements related to
information security.
5. Providing guidance and support to business units to ensure that security is
integrated into business processes and systems.
6. Monitoring security incidents and responding to security breaches in a timely
and effective manner.
7. Conducting security awareness and training programs for employees to
promote a culture of security awareness.
8. Building and maintaining relationships with external stakeholders, such as
regulatory bodies, industry groups, and law enforcement agencies.
9. Staying up to date with the latest security threats, technologies, and industry
trends.
Qualifications
1. Education: A bachelor's or master's degree in Computer Science, Information
Technology / Systems or a related field is required.
2. Industry certifications: Should hold certifications such as Certified
Information Security Manager (CISM), Certified Information
Systems Security Professional (CISSP), or Certified Information Systems Auditor
(CISA).
Experience & Skills
1. At least 10 years of experience in information security and risk management
in the Banking or financial services industry.
2. Knowledge of regulatory compliance: CISOs should have a strong
understanding of relevant regulations including ISO 27001
directing the company's information security program. This role involves managing a
team of Risk and security professionals and ensuring that the company's information
systems and data are protected from unauthorized access, theft, or misuse.
The role requires strong leadership, communication, and collaboration skills, as well
as expertise in information security and risk management.
Reporting to: Chief Risk Officer
Band: Executive Vice President
key responsibilities:
1. Developing and implementing information security policies and procedures
that are consistent with regulatory requirements and industry best practices.
2. Conducting risk assessments and identifying potential security threats and
vulnerabilities.
3. Developing and implementing strategies for mitigating security risks and
ensuring the confidentiality, integrity, and availability of information.
4. Ensuring compliance with legal and regulatory requirements related to
information security.
5. Providing guidance and support to business units to ensure that security is
integrated into business processes and systems.
6. Monitoring security incidents and responding to security breaches in a timely
and effective manner.
7. Conducting security awareness and training programs for employees to
promote a culture of security awareness.
8. Building and maintaining relationships with external stakeholders, such as
regulatory bodies, industry groups, and law enforcement agencies.
9. Staying up to date with the latest security threats, technologies, and industry
trends.
Qualifications
1. Education: A bachelor's or master's degree in Computer Science, Information
Technology / Systems or a related field is required.
2. Industry certifications: Should hold certifications such as Certified
Information Security Manager (CISM), Certified Information
Systems Security Professional (CISSP), or Certified Information Systems Auditor
(CISA).
Experience & Skills
1. At least 10 years of experience in information security and risk management
in the Banking or financial services industry.
2. Knowledge of regulatory compliance: CISOs should have a strong
understanding of relevant regulations including ISO 27001
Information Classification: UTI AMC - Internal
3. Leadership skills: CISOs must be able to lead and manage a team of security
professionals effectively.
4. Communication skills: CISOs must be able to communicate effectively with
executive leadership, technical staff, and external partners
and stakeholders.
5. Risk management skills: CISOs must be able to identify, assess, and manage
risks to the organization's information assets.
6. Technical skills: CISOs must have a strong technical understanding of
information security concepts and technologies, including firewalls,
intrusion detection and prevention systems, encryption, and access controls.
3. Leadership skills: CISOs must be able to lead and manage a team of security
professionals effectively.
4. Communication skills: CISOs must be able to communicate effectively with
executive leadership, technical staff, and external partners
and stakeholders.
5. Risk management skills: CISOs must be able to identify, assess, and manage
risks to the organization's information assets.
6. Technical skills: CISOs must have a strong technical understanding of
information security concepts and technologies, including firewalls,
intrusion detection and prevention systems, encryption, and access controls.