Job description
Handle the vendor (Third party) risk management programme independently
Support the operational risk management team in the vendor onboarding process (review of details from an information/cyber security perspective).
Maintain and update third party policies, procedures and process documents.
On demand preparation and review of vendor agreements including Information/cyber security details.
Review and update the third party audit checklist based on industry information security best practices/events, internal policy/process changes, regulatory requirements and advisories.
Prepare yearly calendar for vendor audits and circulate the same to business stakeholders.
Ensure new vendors are included in the vendor audit universe.
Ensure all the projects are delivered on-time, within scope and within budget
Develop project scopes and objectives, involving all relevant stakeholders and ensuring technical feasibility
Coordinate with resources/auditors to conduct risk-based and checklist-based audits as per the calendar within the stipulated time.
Ensure auditors prepare the reports and track the reported observations for closure within the defined time frame.
Maintain and manage audit and observations tracker/dashboard.
Present periodic updates and dashboard to relevant management teams and during the management presentations.
Handle escalations related to TPA.
Handle periodic audits from regulators/government agencies/internal audit independently for TPA.
Role: Manager Information Security
Industry Type: Financial Services
Department: IT & Information Security
Employment Type: Full Time, Permanent
Role Category: IT Security
Education
UG: Any Graduate
PG: Any Postgraduate
Key Skills
Vendor audit, Auditor, Manager Internal Audit, cyber security, TPA, Information security, Banking, operational risk management, Management, Auditing