Assistant Vice President – Information Security

IndiaFirst Life

5 - 10 years

Mumbai

Posted: 12/02/2026

Job Description

  • Information Security, Data Privacy and IT Governance Implementation
  • Execute information security assessments, business continuity assessments and risk assessments pertaining to clients' IT environments.
  • Execute technical risk assessments of applications and control testing for on-premises and cloud environments.
  • Execute activities like data discovery, privacy & security impact analysis and propose process and technical solutions to the team.
  • Document policies & procedures meeting the regulatory compliance and risk management requirements.
  • Develop knowledge base, re-usable components for GRC advisory services.
  • Responsible for development and enhancements of GRC services and delivery capabilities.
  • Develop competency in GRC platforms (design, architecture, development & support). Participate in pre-sales activities for client RFPs/RFIs.
  • Implement the ISO 27001 and ISO 22301 frameworks, IRDAI guidelines and the NIST framework.
  • Implementation knowledge of DPDPA.
  • Develop a complete set of corporate information security and business continuity policies and standards, and continually monitor the information security controls, KRIs/KPIs and technical landscape.
  • Lead on compliance reviews, certifications, and accreditations (e.g., ISO27001, ISO22301, IRDAI, ISNP, NIST and Cyber Security guidelines)
  • Work with business, internal IT and third-party vendor teams to promote and adopt security best practices.
  • Validate IT infrastructure and other reference architectures for security best practices and recommend changes to enhance security and reduce confidential risks, where applicable.
  • Work with security partners and the Managed Security Service Provider (MSSP) to conduct and review regular security assessments (pen tests, vulnerability scans, etc.) of vendors and solutions (SaaS, IaaS providers and MSSP).
  • Create, communicate, and implement a risk-based process for vendor risk management, including the assessment and treatment for risks that may result from partners, consultants, and other service providers.
  • Define and facilitate the information security risk assessment process, including the reporting and oversight of treatment efforts to address negative findings.
  • Oversee information security audits, whether performed by organization or third-party personnel.
  • Assist resource owners and IT staff in understanding and responding to security audit failures reported by auditors.
  • Implement projects as per roadmaps.
  • Monitor the external threat environment for emerging threats and advise relevant stakeholders on the appropriate courses of action.
  • Manage outsourced vendors that provide information security functions for compliance with contracted service-level agreements.
  • Day-to-day monitoring of IT processes and IT infrastructure from an information security perspective.
  • Manage the day-to-day activities of threat and vulnerability management, identify risk tolerances, recommend treatment plans.
  • Manage security incidents and events to protect corporate IT assets.
  • Supervise the change management process from an information security perspective.
  • Manage & supervise vendors based on SLAs defined.
  • End-to-end knowledge of Security Incident Alerts & Management.
  • Comprehensive knowledge of MS Server environment, Linux Security, Operations (Endpoint Security, Data Leakage Prevention, Endpoint Encryption, SIEM, IDS/IPS, Firewalls, Proxy, WAF, CASB and CCM).
  • Comprehensive knowledge of multiple technologies amongst Firewall / PIM PAM / Endpoint / DLP / EDR / Encryption / DNS Security / WAF / Proxy / Server Security / IPS / Email Security / SIEM / Deep Security / Multi Factor Authentication / Antivirus / Patching.
  • Strong understanding of analysing network event logs, web filter activity, Antivirus, Antimalware, DLP, Syslogs, IPS, and security system logs.
  • Strong understanding and direct experience of Cloud Security, Network Security - Anomaly Detection Systems, Firewalls, Routers, Switches, Confidential LDAP, AD Servers etc.
  • Experience in Network.
  • Knowledge of Information Security Management System - ISO 27001, Business Continuity Management System - ISO 22301
