Assistant Vice President - IT

Key Responsibilities:

1. Evaluate Security Architecture: Assess robust cybersecurity architecture that supports the organization’s IT infrastructure, applications, and systems.

2. Risk Assessment and Management: Conduct risk assessments to identify potential vulnerabilities and recommend security controls to mitigate risks.

3. Responsible for maintaining and implementing organization’s cybersecurity strategy

4. Coordinating Audits on behalf of IT for ISMS/BCMS/ITGC/ICS/ISNP and other IRDA related and Finance related Audits.

5. Responsible for evaluating an organization's security posture by assessing its systems, policies, and practices for vulnerabilities and risks.

6. Compliance and Standards: Ensure the organization’s security systems comply with industry standards, regulations, and internal security policies.

7. Security Audits and Monitoring: Support audits and assessments of security systems and practices. Ensure continuous monitoring of the organization’s networks for threats or breaches.

8. Incident Response: Develop incident response plans and lead efforts to resolve security breaches or incidents.

9. Security Policies and Procedures: Create, update, review and enforce security policies, protocols, and procedures to protect sensitive data.

10. Collaborate with Stakeholders: Work closely with IT teams, software developers, and other departments to ensure security is built into the systems from the ground up.

11. Security Awareness Training: Provide guidance and training to employees on cybersecurity best practices and emerging threats.

12. Documentation and Reporting: Document the cybersecurity architecture, policies, and security-related issues, and report on system performance and incidents to senior management.

Requirements:

1. Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or related field.

2. Minimum 10 years of experience in cybersecurity, with a focus on architecture and design.

3. Proven experience with security frameworks such as NIST, ISO 27001, and CIS Controls.

4. Strong knowledge of network security, encryption, identity and access management (IAM), firewalls, VPNs, IDS/IPS, and other cybersecurity technologies.

5. Hands-on experience with cloud security (AWS, Azure, Google Cloud).

6. Proficient with OWASP Top 10, Secure Coding practices, Attack Surface Monitoring

7. Familiarity with regulatory and compliance requirements

8. Proficient in cybersecurity tools such as SIEM, vulnerability scanners, and forensic tools.

9. Excellent analytical, problem-solving, and communication skills