Sr. Manager Risk and Compliance

From 12 to 16 year(s) of experience
₹ Not Disclosed by Recruiter

Job Description

Roles and Responsibilities


Maintain the Information Security Management System (ISMS) as per standard ISO 27001/2.
Ensure that the company IT & Cyber Security Infrastructure are complying to internal policies, regulatory and legal requirements.
Facilitate the external audit and 3rd party audit.


1. Maintain the ISO 27001 Certification
2. Ensure the company’s risk register is updated.
3. Based on ISMS monitoring results, evaluate & recommend for IS policy change and new information security countermeasures.
4. Continuously validate the organization against policies/guidelines/procedures/regulations/laws to ensure compliance.
5. Create and maintain the Policies and Processes. Review the Process, SOP, blueprint, and guideline documents.
6. Develop methods to monitor and measure risk, compliance, and assurance efforts.
7. Evaluate the effectiveness of procurement function in addressing information security requirements and supply chain risks through procurement activities and recommend improvements.
8. Develop security compliance processes and/or audits for external services (e.g., cloud service providers, data centers).
9. Monitor systems development and operations for security and privacy compliance.
10. Identify and correct potential company compliance gaps and/or areas of risk to ensure full compliance with privacy regulations.
11. Perform ongoing privacy compliance monitoring activities.
12. Ensure that operational and Research and Design (R&D) processes and procedures are in compliance with organizational and mandatory cybersecurity requirements and accurately followed by Systems Administrators and other cybersecurity staff when performing their day-to-day activities.
13. Identify, assess, and recommend cybersecurity or cybersecurity-enabled products for use within a system and ensure that recommended products are in compliance with organization's evaluation and validation requirements.
14. Maintain knowledge of applicable cyber defense policies, regulations, and compliance documents specifically related to cyber defense auditing.
15. Monitor and evaluate a system's compliance with information technology (IT) security, resilience, and dependability requirements.
16. Adhere and promote the information security policy awareness and best practices in the company.


1) Graduate - Any stream
2) Security Certifications CISSP, CRISC, CISA, CISM, etc.


Candidate must have 12+ years of total experience with 6-10 years of relevant experience.

Knowledge required:
IT Audit / Assessments
Risk Management
Information Security Policy

Skills required:

Manager IT Security
IT Risk


UG:Any Graduate

Company Profile

Indian Financial Technology And Alliedservices

Indian Financial Technology and Allied Services (IFTAS), is promoted by IDRBT (Institute for Development & Research in Banking Technology) and NABARD (National Bank for Agriculture and Rural Development) for rendering IT services to the Indian Banking and Financial industry.

IDRBT is an autonomous centre for development and research in Banking Technology, established by the Reserve Bank of India. NABARD is an apex development bank in India, focused on policy, planning and operations in the agriculture and other economic activities in rural India.

Services being rendered by IFTAS include
(a) INFINET, the country-wide secure information technology network.0
(b) SFMS, India’s backbone inter-bank Financial Messaging Platform used for RTGS, NEFT, etc.
(c) IBCC, the most trusted cloud platform for banks in India.

The mandate of IFTAS is to provide essential IT-related services, presently being offered by the IDRBT, to
the Reserve Bank of India, banks and financial institutions, effectively and efficiently. As these services
constitute the backbone of the payment systems operations in India, IFTAS is geared up to provide
uninterrupted 24 x 7 high-quality IT-related services to the Indian Banking and Financial Sector.

IFTAS has been incorporated under Section 8 of the Companies Act, 2013 as a non-profit company, reflecting the intention and mandate of the organization as an enabler and facilitator of automation. NPCI (National Payments Corporation of India), which was formed out of IDRBT under a similar initiative in 2009, has gone on to revolutionize the Payments space in India, with successful implementation of RuPay, IMPS, ACH and other services.

With INFINET and SFMS in steady state operations, IFTAS is focused on expanding its Cloud Services to include the entire gamut of Banking applications, targeted at players in the entire banking sector. IFTAS is looking for self-motivated, service-oriented, technology-savvy personnel who will help scale its operations and take it to a whole new level in innovation, service and size.
Company Info
View Contact Details+

Contact Company:Indian Financial Technology And Alliedservices



Not Disclosed by Recruiter

Role Category:

Assessment / Advisory


Risk Analyst

Employment Type:

Full Time, Permanent