Information Risk Management - Kotak Infinity - Goregaon

Job Description:

 Discuss with Business & IT on new process / system / activity before Onboarding
/ Go-Live
 Conduct risk assessments to identify information security risks
 Propose controls to business / IT and / or work with business to plan risk
mitigation
 Prepare Risk Assessment & Recommended Control Report
 Follow-ups for mitigation of identified risks & maintain Risk Assessment Tracker
 Release Monthly dashboards
 Ensure all recommendations made in RA are implemented
 Maintain and update Risk Assessment Procedure & Process documents
 Manage and address any escalations related to risk assessments
 Assess risk and provide approvals / rejections for requests such as firewall port
opening, external data sharing, data movement, new software installations
 Assess and provide approval / rejection with appropriate compensating controls
for policy exceptions
 Responsible for update of Information & Cyber Security Policy and Standards

 Experience required for the Job: 10-12 years in information & cyber security;
 Engineer / Post Graduate / MBA
 Good understanding of IT/Cyber Security Risk
 Certification like ISO27001 / ITIL / CISA / CISSP / CRISC (Preferable)
 Knowledge on Layered Security - Firewalls, Intrusion Detection, OS Hardening,
Malicious Code Security, Security Policies and Procedures, IT controls
implementation, DLP, Security Training.
 Knowledge of cloud technologies and security practices for cloud
Job Role:

Job Requirements:

 Experience in Third-party Risk Management, Information Security Risk
Assessment; Experience in Banking (Preferable)
 Good interaction and communication ability
 Excellent verbal, written communication & presentation skills