This is a mid-level role within Risk & Compliance function to own and lead enterprise wise information security at NCHL. He/ She shall be responsible for owning, monitoring and assisting in the implementation of information security policies and procedures.  

Job Specification:

• At least University degree in Engineering/ Computer Science/ IT or equivalent.
• At least 3-5 years of working experience in application and Network security and having good knowledge of web/ mobile applications, relational databases and operating systems with at least 1 year of experience as security practitioner or IS Auditor with implementing or auditing or enforcing policies, procedures, and guidelines in a complex environment.
• Trained in information security management system or equivalent with at least 20 credit hours. Certifications in CISA/CISM or CISSP or CEH certification will be added advantage.
• Expert knowledge of ISO 27001 and/or PCI-DSS will be preferred.
•  Ability to provide methodology for assessing information risks, gap analysis based on current controls, manage security incidents by working closely with all technical, operational and other concerned stakeholders.
• Ability to contribute in the development and implementation of security architecture and design of various systems, infrastructure and products.
• Ability to execute and monitor IS assessment/ VAPT/ Audits to support and deliver security initiatives.
• Ability to learn, understand and apply new technologies with strong interpersonal and communication skills. Ability to effectively prioritize and execute tasks in high-pressure environment is crucial.