Gm - Risk & Security Assurance - Mumbai, India - Vodafone Idea

Vodafone Idea

Verified Company

Mumbai, India

1 week ago

Posted by:

Deepika Kaur

beBee Recuiter

Description

Job Req ID:

Location: Mumbai, IN- Function: Technology/ IOT/Cloud- About:
Role

Risk and Security Assurance

Job Level/ Designation

General Manager

Function / Department

Technology Security

Location

Mumbai - Corporate

Job Purpose

Management of Organization Risk, Mitigation of identified risks.
Reporting risks to management periodically
Security Assurance program for IT / Telecom
DoT/ term Cell audit for 22 Circles, Annual assessment of Telecom network

Role Contour:

Responsible for risk evaluation, approval and compensatory/mitigation controls, ensure significant reduction of security risks from vendors through vendor de-risking program, Telecom Security Assessment Interface for Regulatory and Compliance ,building Security Assurance strategy for VIL and ensuring that the Risk Score of the organization is maintained and monitored on a continuous basis.

Key Result Areas/Accountabilities

Accountability:
Assurance and Risk management

Assess and maintain cyber security risk posture (IT and IS process control related to risk) / compliance; Accountable for Risk management Risk acceptance (RAF) and its periodic review
Oversee/Facilitate formal risk analysis and selfassessments program for various systems and processes, as required by the CISO and/or IT ,Telecom teams
Act as a liaison between the CISO and the IT, Telecom Teams to ensure all risk management activities are managed endtoend.
Vulnerability Assessment, Penetration Testing, Technical Controls Review on a periodic manner
Identification, classification & assessment of critical information assets to identify risks associated with them and ensuring mitigation of the same for both internal assets & assets managed by third parties viz. vendors, partners etc.
Design, implementation & maintenance of a vendor risk management framework to periodically assess critical vendors & partners of VIL and mitigation of identified risks
Interface for Regulatory, TERM Cell / DoT security audits for Telecom Security Assessment and compliance
Yearly Telecom Network Assessment for all License types and Service areas (Circles)
Development and implementation of MBSS,CR documents for new and existing assets
Ensure ontime, quality and effective Security Gating Process by way of strong governance on assessment teams
Developing business centric Dashboard and Reports.

Core Competencies, Knowledge, Experience

Technical Competencies:

years of experience in Information Security Risk Management, Audit

IT Security, Vulnerability Assessment, Application Security & Penetration Testing
Information Security Audits & Assessments
Team management & leadership
Vendor/partner management & governance
Understanding security systems & appliance e,g. NIPS, DODOS, Firewall
Understanding of Telecom environment, LTE and 5G technology and security impacts

Must have technical / professional qualifications

Experience & Qualifications:

12 to 15 years experience in IT & security, Risk Management with a minimum of at least 8 years in IT network security management and Knowledge of Telecom Mobility architecture and its Security controls
Bachelor's degree in Computer Science, Engineering in Electronics, Cyber Security or related field; Masters degree will be an added advantage
CISM/CISSP/CISA/CEH, ISO 27001 Lead Auditor, Lead Implementer

Years of Experience

years

Industries to look from

Banking, ITES, Telecom

Ideal Organizations to look from

HDFC Bank, ICICI Bank, Airtel, Capgemini, Wipro

Direct reports

2