Responsible for contacting clients with overdue accounts to secure the settlement of the account. Also they do preventive work to avoid future overdues with accounts that have a high exposure.
Contribute to the first line information security risk management and reporting.
Organize information security committee, prepare presentations, prepare and maintain minute minutes.
Participate in bank s committee structure and provide information security status updates.
Assess the design effectiveness and operating effectiveness of information security controls which are relied on to protect Confidentiality, Availability, and Integrity of Information and Systems
Collaborate with stakeholders across Bank and Enterprise to deliver various goals as part of information security program.
Identify, scope, and investigate new information security risks.
Manage the audit and examination requirements for the Bank information security office function, in close partnership with privacy office, compliance, genera council and border information security organization.
Craft responses to Information Security audit and examination, regulatory requirements for the market.
Operate as part of the extended Information Security team in support of all security and compliance initiatives. Provides market specific guidance and consultancy on information security processes, controls, and compliance, and information security risk management.
Provides day-to-day operational management over functional processes and project delivery.
Makes difficult, timely decisions regarding simple and complex business or security issues.
Defines, develops, and implements appropriate metrics for ongoing reporting; take action as required based on trend data.
Designs reporting products, metrics and information that meet the requirements of stakeholders, and regulator can be actioned to drive significant improvements in the environment and performance.
Deliver leadership/regulatory reporting and risk metrics that demonstrate the effectiveness of the program.
Updates plans and programs to changes in the regulatory environment and assist other organizations in doing the same.
Documents current and desired future state capabilities, incorporating industry leading technologies that enhance AXPs ability to handle information security risk and protect data.
Makes strategic recommendations and assists key decision makers with recommendations on the implementation of improved processes, procedures, governance approaches, and compliance matters resulting in enhanced information security.
Required Skills:
About 8 years of Information Security and/or Data Privacy experience
Experience working with regulators like RBI, UIDAI, IDBRT in complex regulated payments industry. (Must have) Broad understanding of information security disciplines with emphasis on vulnerability management, data protection, infrastructure security, application security, identity and access, incident management and data analytics
Strong in risk management. Ability to link threats to risk tolerance and control effectiveness measurements. Understanding of cyber regulatory landscape Required Work Experience, Education, Certification / Training:
bachelors degree in computer science, information systems, network security or other related field. masters degree preferred.
Professional certifications (CISSP, CRISC, CISA, PCI, CISM or equivalent)
At least 5 years work experience in information security or technology risk management
Technical background with hands-on experience across a variety of technologies
Proficiency in information security, risk management and audit (risk/security policies, procedures and controls)
Required Knowledge, Skills and Abilities:
Exceptional verbal and written communication skills
Requires knowledge of a minimum of several business and technical functional capabilities in some of the following areas: security architecture; security engineering; threat management; vulnerability management; electronic discovery; computer and data breach incident management; data protection; forensics; 3rd party/vendor management; security monitoring; cryptography; cloud security; security operations and administration; access management; security policies and standards; security awareness; business continuity; disaster recovery; IT risk management and controls; web security; data security; network security; system security, technology operations and compliance
Strong knowledge and experience in risk assessment and relevant methodologies including quantitative risk management techniques.
Knowledge of applicable information security standards and regulatory requirements
Highly self-motivated and directed.
Keen attention to detail
Benefits include:
Competitive base salaries
Bonus incentives
Support for financial-well-being and retirement
Comprehensive medical, dental, vision, life insurance, and disability benefits (depending on location)
Flexible working model with hybrid, onsite or virtual arrangements depending on role and business need
Generous paid parental leave policies (depending on your location)
Free access to global on-site wellness centers staffed with nurses and doctors (depending on location)
Free and confidential counseling support through our Healthy Minds program
