CSIPL Chennai Business Information Security Officer BISO

Citibank - More jobs by this advertiser
CSIPL Chennai Business Information Security Officer BISO-18070593
 About (Information Security):
  • Business Information Security Officer (BISO) for Citi Services India Private Limited for Gurgaon site is accountable for all IS activities that are relevant to the Business they support
  • Performs IS activities as the primary function. The BISOs primary area of focus is the IS Risk Management for the Business and its processes.
  • Manage BISO across various CSC Locations in India
  • Reports to the CSIPL Lead BISO

Role Outline/Job Summary:

  • The Information Security Officer’s (ISO) primary function is to enable businesses to innovate and to optimize their offering while continuing to maintain an adequate level of Information Security across the 3 domains - People, Process, and Technology. As the BISO responsible for the Chennai franchise will have overall responsibility to ensure adherence to all corporate and regulatory requirements w.r.t. Information Security Compliance
Roles and Responsibilities: Business/Department Objectives:
  • The Information Security Officer’s (ISO) primary function is to enable businesses to innovate and to optimize their offering while continuing to maintain an adequate level of Information Security across the 3 domains - People, Process, and Technology.
Core Responsibilities:
  • Educates and advises the business on safe IS practices and current, changing, and/or recommended IS requirements
  • Plans and executes the IS strategy
  • Provides periodic IS risk management reports highlighting key issues and corrective action plans
  • Coordinates IS activities with business plans
  • Articulates the value of IS controls and its bottom line impact
  • Seeks opportunities to enhance the efficiency of policies and procedures
  • Partners with business coordinators in other disciplines; e.g. MCA, CoB, Records Management, Fraud Management, etc.
  • Reviews IS action plans with management and monitors implementation of approved plans
  • Leverages the ISO network to pool resources, seek out best practices, and create efficiencies
  • Monitors vulnerability assessments and ethical hacks, ensuring that issues are addressed for all applications that are not managed by Citi technology groups for example, vendor-managed/hosted
  • Manages risk by analyzing the root cause of issues, impact to business, and required corrective actions by leveraging analytical skills
  • Guides the business to ensure that IS risks, controls, and tests are embedded in the IS component of MCA
  • Responsible for managing Information Security Risk for Gurgaon CSIPL. Work with multiple senior managers in-country, in the region and globally, to define and to implement a strategy for measuring, mitigating and managing risk
  • Engage with the senior management to identify IS risks and ensure that they are understood, and appropriate controls are built to support the Business in meeting its objectives of increased revenue and lowered expense without compromising on risk
  • Innovate, create and leverage on best practices to implement world class information Security Program that supports Business Implement Regional and Global IS programs to manage risk suitably Ensure that the quality of controls can be validated without exceptions in any audit
  • Build a strong team of information security coordinators with the business, coach and develop them professionally Manage training and awareness programs to improve the adherence by all employees in the organization
  • Respond and Manage Security Incidents so that corrective actions and preventive actions are implemented to protect the Business and the Customers from imminent loss of information or value Manage escalations appropriately
  • Build on the Information Security network for professionals across the spectrum (e.g. industry peers, colleagues, regulators etc.) and help/ support the VISO program and Citi’s Intelligence-led approach to managing Cyber and Information Security
  • While there is no direct revenue related responsibilities, the incumbent does need to ensure that the unit budgets are managed within targets and any potential risks are escalated well in time
Additional Responsibilities:
  • This role requires extensive level of interactions with CSC Site Heads, CSC Governance team [most of then C16 & above] to review control environment for their respective functions
  • Will be coordinating with in-country, regional & global stakeholders [Send Site] for the work being transitioned to CSC
  • Should have a good knowledge of local as well as Send Site regulatory requirements to ensure that CSC are meeting these requirements
Individual Contributor (IC)/Managerial: IC Key Deliverables:
  • Ensure compliance to Citi Information Security Standards
  • Ensure a high standard on compliance & controls
  • Ensure Product reviews and decisions are taken to ensure compliance to regulatory/corporate guidelines
  • Serve as the primary contact for any regulatory and audit requirements

  • Bachelor’s degree
  • Computers, Telecom or IT Stream (Preferred)
  • Min. 8 years of work-ex in related field in Banking
  • 7+ years’ experience in IS and at least 2 IS programs including, but not limited to, Audit Reviews, IS Risk Assessment, Awareness & Training, Identity Access & Management, Data Protection, Incident Management, Vulnerability Assessment. Knowledge of key government regulations and local laws
  • Other Risk Management activities should be as Sector or business IS SME or some risk management role
  • CISSP; or
  • CISA; or
  • CISM
  • Excellent consulting and problem solving skills
  • Able to convey ideas to senior management and staff
  • Advanced technical knowledge
  • In depth knowledge of IS programs
  • Advanced presentation skills, program management, and relationship management skills
  • Able to work with senior business management to implement IS strategy
  • Ability to multi-task and switch/prioritize between projects with ease

26 May 2019
Location: India Tamil Nadu Chennai
Work type:
Full time
Banking and Financial Services
PLEASE! No enquiries from Recruitment Agencies or Headhunters.

Only direct applications will be considered.

This career opportunity is no longer open.
Please search for current vacancies here.

Bookmark and Share
  • Previous Next

This website uses cookies

This website uses cookies to improve user experience. By using our website you consent to all cookies in accordance with our Cookie Policy.
I agree
Read more