Information Security Manager

Essential Services : Role & Location fungibility

At ICICI Bank, we believe in serving our customers beyond our role definition, product boundaries, and domain limitations through our philosophy of customer 360-degree. In essence, this captures our belief in serving the entire banking needs of our customers as One Bank, One Team. To achieve this, employees at ICICI Bank are expected to be role and location-fungible with the understanding that Banking is an essential service. The role descriptions give you an overview of the responsibilities, it is only directional and guiding in nature.

About the role

As an Information Security Manager in ICICI Bank you will be responsible for leading and managing the organization's information security program to ensure the confidentiality, integrity, and availability of data, systems, and networks. This role involves developing, implementing, and maintaining security policies, standards, and procedures, overseeing compliance efforts, and responding to evolving cyber threats. The Information Security Manager works closely with technical teams, business leaders, and external stakeholders to foster a culture of security and effectively mitigate risks.

Key Responsibilities

Develop and Maintain Security Policies: Create, implement, and regularly update information security policies, procedures, and guidelines aligned with organizational objectives and regulatory requirements.

Collaborate: Conduct regular risk assessments and vulnerability analyses to identify, evaluate, and mitigate security risks to the organization's assets. Monitor emerging threats, security trends, and technologies, regularly recommending adjustments and enhancements to the security program to maintain robust protection.

Incident Response: Lead the investigation and response to actual and suspected security incidents, ensuring effective containment, analysis, and communication of findings.

Compliance Oversight: Ensure ongoing compliance with all applicable laws, industry standards (e.g., GDPR, PCI DSS, ISO 27001), and internal policies. Coordinate audits and manage remediation of non-compliant areas.

Systems & Technology Oversight: Oversee the deployment, configuration, maintenance, and monitoring of security tools such as firewalls, encryption solutions, intrusion detection systems, and access controls.

Collaboration: Work with other departments to integrate security into business processes and projects. Communicate risks and security postures to stakeholders and senior management.

Vendor and Third-Party Management: Ensure that third-party vendors and partners adhere to organizational security standards and participate in risk assessments as needed.

Reporting: Produce detailed reports on the status of information security, audit findings, incidents, and compliance for senior management and governance boards.

Qualifications & Skills

Educational Qualification: Engineering Graduate in CS, IT, EC or InfoSec, CyberSec or MCA equivalent.

Certifications: Certification(s) such as CISSP, CISM, or equivalent are preferred.

Compliance: Great Awareness of cyber security trends & hacking techniques.

About the Business Group

Information Security Group of ICICI Bank believes in providing services to its customers in the safest and secured manner, keeping in mind that data protection for its customers is as important as providing quality banking services across the spectrum. The CIA triad of Confidentiality, Integrity, and Availability is built on the vision of creating a comprehensive information security framework. The Bank also lays emphasis on customer elements like protection from phishing, adaptive authentication, awareness initiatives, and provide easy to use protection and risk configuration ability in the hands of customers. With this core responsibly, ICICI administer and promotes on going campaigns to create awareness among customers on security aspects while banking through digital channels.