Chief Information Security Officer
Role Objective:
The incumbent will collaborate closely with the Group Chief Information Security Officer and the Country Manager for India to effectively develop, implement, and manage the Bank's Information Security policies and compliance requirements specific to India Operations. This role will oversee Information Security Governance in alignment with the Reserve Bank of India (RBI) and other regulatory bodies. The incumbent will coordinate and execute the Information Security Management System (ISMS), Security Operations, Vulnerability Assessment and Penetration Testing (VAPT) program, Red Teaming program, and ensure timely reporting to RBI and other regulators. Additionally, this role will require collaboration with Information Technology, Business Continuity, Operational Risk and various other departments of the bank.
Qualifications/Experience Required:
- University Graduate in Computer Science, Cybersecurity, or related field.
- 6-10 years of relevant experience in a similar position.
Key Responsibilities:
- Develop, implement and manage the cyber security framework per directives from the Group Chief Information Security Officer.
- Formulate strategies, policies, and procedures for the Information Security Section.
- Manage ISO 27001, PCI-DSS, and other relevant certifications of the bank.
- Ensure Information Security awareness and assessment of the staff.
- Collaborate with Head Office for governance of Security Operations Center (SOC).
- Conduct Risk Assessment of People, Process and Technology, as well as Third-Party Risk Assessment.
- Ensure Vulnerability Assessment and Penetration Testing (VAPT) is carried out and track remediation of identified vulnerabilities.
- Conduct Red Teaming and track remediation of identified vulnerabilities.
- Manage and ensure compliance with Cyber Security and Data Privacy laws and regulations from the Government of India, Reserve Bank of India (RBI) and other regulatory bodies.
- Manage Internal and External Audits including but not limited to those by RBI, Certification Bodies, Internal Audit Department and other regulators/departments.
- Track and ensure closure of observations identified during Internal and External Audits.
- Communicate with and report to the Reserve Bank of India (RBI) and other regulators on Cyber Security and Data Privacy domains in a timely and effective manner.
- Prepare and present reports and dashboards to the management on compliance and for various meetings, forums and committees.
- Collaborate with Information Technology, Business Continuity, Operational Risk and various other departments of the bank.
- Build strong relationships with internal and external stakeholders to address operational needs.
- Stay current with IT/security industry trends and regulatory changes; recommend necessary adjustments.
- Ensure adherence to confidentiality and ethics in all interactions and documentation.