ISS:Lead IS Compliance Operations

About the Role

The IS Compliance Ops is responsible for providing the Compliance tracking support to infosec teams by tracking regulatory guidelines such as s/Advisories/Circulars/Letters/Ad hoc correspondences/Questionnaires etc. The Lead shall ensure timely submission of daily / monthly / quarterly returns, once validated by the CARO. The role of IS Compliance Ops will involve data collation for various returns, review of responses for completeness, timely submission, tracking and ensure compliances.

KeyResponsibilities

The Lead for IS Compliance Ops is responsible for the following tasks: -

Coordinating with various infosec teams and stakeholders to collect and verify the necessary data for regulatory advisories, s, circulars, questionnaires, and correspondences

Maintaining the Advisory Digest document and updating it regularly with the latest information on cyber security incidents, best practices, and recommendations from regulators and authorities

Ensuring timely and accurate submission of daily, monthly, and quarterly returns to the relevant regulators and authorities, such as CERT-In, NCIIPC, SEBI, PFRDA, etc.

Tracking and managing the NCIIPC correspondences and compliance requirements, and communicating with them on any issues or queries - Gathering the metrics related to Key Risk Indicators (KRI) and ensuring they are aligned with the infosec framework and objectives

Responding to the CERT-In technical advisory correspondences and compliance requirements, and implementing the suggested actions and measures

Coordinating for the CII-ISSC meeting activities and handling adhoc data requirements from various regulators and authorities

Acting as the infosec spoc for Business Continuity Planning (BCP) and Functional Recovery Planning (FRP), and conducting periodic infosec BIA and coordinating for planned/unplanned BCP

Tracking all ATRs from all the committees (ITDSC, ISSC, AOP, ITSC, etc.), where ISS is the action owner, and ensuring the action plans are adequately documented, executed, and reported

Tracking the infosec deliverable calendar across the unit and proactively identifying and resolving any delays or issues, and ensuring the delivery of all activities within timeline

Qualifications

Optimal qualification for success on the job is:

Graduate/ Post Graduate in IT/Information Systems/ Computers from a recognized institute

Role Proficiencies:

For successful execution of the job, the candidate should possess the following:

In-depth knowledge of KPI, KRIs applicable for information technology and Infosec related audit and compliance

12+ work experience in IT/IS with atleast 5 years in Information security domain

Understanding of compliance and regulatory norms

Good relationship management and strong communication and presentation skill