Apply Now

Director, Technology Risk Management

Bengaluru, India | Visa

  • Industry:
    Financial Services
  • Position Type:
  • Functions:
    General Management
    IT / Information Technology
  • Experience:
    7-10 years
Job Description:
55 people have viewed this job

Job Description and Responsibilities


This hands-on leadership position will serve as part of Visa's Cybersecurity Third Party (3P) technology Risk Management team, providing oversight, coordination, and delivering the activities supporting successful risk management activities around third parties for VISA. Members of this team work across a number of stakeholders who work with third parties to ensure appropriate processes, procedures and controls are adequately designed, implemented or remediated to meet VISA Key control requirements and mitigate any risks that are associated to with third parties. The success of this unit requires dedicated professionals who possess the analytical, feasibility, relationship and executive summary skills needed to form highly reliable risk management strategies to meet various Visa Inc. requirements along with compliance and regulatory requirements.


Qualifications


Bachelor degree in Computer Science, Information Systems, Management Information Systems, or Business Administration or other related field. (Master degree is preferred.) Significant and relevant technical experience meeting the job description may be substituted for degree requirements.

Sound understanding of Enterprise Security Solutions such as WAF, IPS/IDS, DDoS, Firewalls, Anti-Virus, Malware, Database activity monitoring, Data Loss prevention, Proxy solutions and SIEM tools

Very strong interpersonal, facilitation, team building and leadership skills along with effective communication (both written and verbal) skills and the ability to present complex ideas in a clear, concise way; ability to influence and develop relationships with key partners

Must have 8+ years of work experience including leadership roles in Cybersecurity, Audit, Risk, and/or Compliance.Open to experience in other relevant fields (e.g., finance, business administration, information technology, etc.) as long as candidate can demonstrate relevancy to this Cybersecurity based role.

Must have 8+ years direct participation and experience across common industry security policy areas, including, but not limited to ISO, NIST, COSO, COBIT, PCI, FFIEC, SOX, SSAE16, and others

Must have 8+ years audit and risk management experience that includes a broad understanding of the software delivery process, professional services consulting and/or program management.

Must have 8+ years’ experience providing information security or information technology consulting services to a broad range of companies and/or federal and state agencies.

Must have 6+ years of progressively responsible management experience in the following areas: planning, budget/forecast/financial management, and staffing

Solid understanding of Enterprise Risk Management and Strategy frameworks as well as understanding of current enterprise threat scenario as related to financial industry

Demonstrated ability to manage implementations of large-scale, complex, multi-disciplined, cross-functional and highly visible projects/programs.


Additional Information


Current information security and compliance vendor landscape

Control frameworks such as COSO

Regulatory requirements in particular PCI-DSS, GLBA, FFIEC

Ability to direct and lead cross-functional, cross-vendor teams

Must be experienced in Project Management Methodologies and experienced in mentoring less experienced project personnel

Certified Information Security Auditor/Manager (CISA/M) designation or CISSP

Excellent communicator with strong client relationship focus with business sponsors, enterprise architects, and information security engineers to articulate business case and technology options

Practical experience managing multiple large-scale compliance/audit projects simultaneously, strong internal consulting, customer account management, and defining engagement scope, negotiating commitments, gathering requirements, defining deliverables, designing integrated solutions, and overseeing technical implementations considered a plus

Proven experience proposing enterprise level solutions to mitigate risk 


Other companies hiring with Ivy Exec

 Company Logos