Overview
Chief Information Security Officer (CISO), Vice President, Mumbai Jobs in Mumbai Metropolitan Region at Goldman Sachs
Title: Chief Information Security Officer (CISO), Vice President, Mumbai
Company: Goldman Sachs
Location: Mumbai Metropolitan Region
Job DescriptionRegulatory Responsibilities -CISO:ResponsibilitiesThe CISO will be required to interact with regulators on all information security matters relating to the Company and shall assume all responsibilities as per applicable regulations, including:
Driving cyber security strategy and ensuring compliance to the extant regulatory / statutory instructions on information/ cyber security.
Enforcing the policies that the Company uses to protect its information assets apart from coordinating information/ cyber security related issues within the company as well as with relevant external agencies.
The CISO will be a member of the Information Security Committee which will be responsible for development and implementation of information/cyber security policies, approving and monitoring information security projects/awareness initiatives and reviewing cyber incidents, information systems audit observations, monitoring and mitigation activities.
The CISO will also be a permanent invitee to the IT Strategy Committee and IT Steering Committee, and contribute to the working of these committees as required.
Manage and monitor Security Operations Centre and drive cyber security related projects.
Ensure effective functioning of the security solutions deployed.
The CISO shall place a review of cyber security risks/ arrangements/ preparedness of the Company before the Board/ Risk Management Committee/IT Strategy Committee at least on a quarterly basis.
More About This Job
The Technology Risk Officer will be responsible for representing, managing and communicating technology risk for the Global Markets Division. This requires representing firmwide control requirements and specific control requirements related to this division. The Technology Risk Officer will be primarily focused on security controls in business applications/processes that support the Global Markets Division business lines (FICC, Equities, Marquee, etc). The successful candidate will be a trusted risk adviser to high performance application and platform teams across the division.
Responsibilities And Qualifications
HOW YOU WILL FULFILL YOUR POTENTIAL
Interact with Global Markets engineering stakeholders to understand and communicate risks to critical infrastructure and systems, defining potential business impact, and tracking commitments to apply effective mitigating controls.
Drive adoption of application security, technology privacy, privilege management and vulnerability management controls as part of the Software Development Life Cycle (SDLC) and production management (DevOps) processes.
Track the progress of remediation of control gaps identified by firmwide control programs, application security and vulnerability testing, Internal Audit, self-testing, or controls self-assessment.
Assist in the execution of the access and entitlements recertification, and the SOX404 and operational risk control self-assessments by evaluating the key risks and assessing mitigating controls and evidence to determine the risk profile for the organization.
Assist in the development and monitoring of key risk indicators (KRIs) that are mapped to various risks and controls to determine control gaps, and advise application development teams on implementing risk mitigation measures.
Communicate the impact of technology risks and the approach to mitigation/acceptance, and provide risk assessment and advisory services to technology engineers, and technology and…
