Senior Manager – Information Security

From 5 to 10 year(s) of experience
₹ Not Disclosed by Recruiter

Job Description

  • Investigate the causes of information security incidents and recommend and design and lead on projects for remediation and prevention of recurrence
  • Respond to information security incidents, ensure that the appropriate controls are met by the systems
  • Responsibility for maintaining and managing IT security risk register and chair IT security risk meetings
  • Provide leadership in designing and costing solutions to security concerns, gain agreement from stakeholders (such as IT and staff) and driving any resulting projects
  • Plan and perform security risk assessments of information systems and data flows, document findings and manage and drive remediation plans in line with organizational risk appetite and best practice
  • Conduct vulnerability and risk assessments of IT components, produce plans for improvement and communicate these to business owners in line with best practice, including being responsible for ensuring that pen testing is undertaken on applications and infrastructure
  • Gain the confidence and respect of business owners in relation to information security risk for new systems and applications and changes to systems and applications by having a stakeholder engagement plan
  • Embed information security as part of the procurement process, working with the Procurement Manager, who will be responsible for ensuring Data Protection is part of procurement
  • Manage engagement with external suppliers of information security services, such as the IT Managed Services Provider, software vendors, penetration testers and auditors and to ensure audit of these suppliers, including ensuring due diligence questionnaires and risk assessments are made an integral part of procurement processes
  • Ensuring IT vendor management is an ongoing process
  • To advise on the security aspects of procurement contracts, including access controls
  • Work with the Learning Team to develop an engaging and accessible learning program to build an effective information security culture for staff and volunteers
  • Plan the resources and expenditure needed to carry out information security activities to best practice standards
  • Ensure all volunteers and employees are clear about their responsibilities in relation to information security and the protection of assets by clarifying procedures and instilling good practice.
  • Grasp and abide by the Information Security and Privacy policies of the company
  • Vigilant handling - Employees deal with confidential data of the company. The employees need to be careful when it comes to the execution of the strategies. Any suspicious activities noticed are needed to be reported and follow the security procedures by employee.
  • Personal Space - Adhering to company information and privacy policy is Part of employee responsibility for his own area or scope of work. Employees need to ensure that their work areas/workstation stick to security standards of the company.

Candidate Requirements:

  • Applicable security certification (or equivalent professional experience) required e.g., B.E/B.Tech/MS in Information Security or related field or equivalent qualification or work-related experience.
  • ISO270001, CISSP, CISA or CISM certification is highly preferred

Key Skills
Skills highlighted with ‘‘ are preferred keyskills

Education

UG:B.Tech/B.E. in Any Specialization

PG:MCA in Computers

Company Profile

Narayana Health

Narayana Health is headquartered in Bengaluru, India, and operates a network of hospitals across the country, with a particularly strong presence in the southern state of Karnataka and eastern India, as well as an emerging presence in northern, western and central India. We believe that the Narayana Health brand is strongly associated with our mission to deliver high-quality, affordable healthcare services to the broader population by leveraging our economies of scale, skilled doctors, and an efficient business model.
In aggregate, our centres provide advanced levels of care in over 30 specialties, including Cardiology and Cardiac Surgery, Cancer Care, Neurology and Neurosurgery, Orthopaedics, Nephrology and Urology, and Gastroenterology.
Company Info
X
View Contact Details+

Contact Company:Narayana Health

Address:NARAYANA HRUDAYALAYA PHARMACY,258/A,, A unit of Narayana Hrudayalaya Limited,, Bommasandra Industrial Area,Hosur Road Anekal Taluk,, BANGALORE, Karnataka, India

Salary:

Not Disclosed by Recruiter

Role Category:

IT Security

Role:

Head - Information Security

Employment Type:

Full Time, Permanent