Network and Security Manager
Ujjivan Small Finance Bank · Bengaluru, Karnataka, India
Ujjivan Small Finance Bank · Bengaluru, Karnataka, India
**JOB TITLE**Specialist -Network Security **GRADE**SM **DEPARTMENT**Information Technology **LOCATION**HO(Bengaluru) **SUB-DEPARTMENT**IT SECOPS **TYPE OF POSITION**Full-time **ROLE PURPOSE & OBJECTIVE** 1. To drive the overall network security of the Bank & implement detailed security designs and solutions as per the Bank's strategic and business requirements. 2. To consult with cross-functional groups, solicit information security requirements and tailor information security solutions to meet stakeholder needs. 3. To manage the day-to-day information security Regulatory compliance & operational schedules 4. Work independently & also lead the team in achieving the overall security objectives. **KEY DUTIES & RESPONSIBILITIES OF THE ROLE** 1. **Business/ Financials** 1. **Planning & Strategy** - Understand technical, privacy and regulatory compliance requirements as per the Bank's IT Security policy, formulate technical and integration solutions and present the same to the line manager for approval. - Delineate process steps and timelines for implementation of Network security solutions, once approved by the line manager, and manage project execution within timelines. - Present data on innovations in security solutions and security protocol to line manager as a base to upgrade the Bank's existing security solutions. - Complete and report self-assessment for ongoing checks for compliance with code changes, existing system and security protocols in adherence to architecture standards, risk management and security guidelines of the Bank. 1. **Budgeting** - Consult with peers and vendors and present comparative project estimates for upgrades to security protocols/implementation of new Network security solutions. - Prepare and present timelines and resource requirements for implementing technical security solutions in the Bank's ongoing Network architecture projects, providing a sufficient buffer for business, product, and technical challenges. - Present at least four strategies each year incorporating improved technical and security guidelines and strategies to improve process efficiency and reduce cost. - Engage in continuous self-learning, present proposals for training self and team members in niche security solutions from external vendors and allocate staff training budget for the same. - Coordinate with external vendors of Network security solutions and engage in negotiations for procurement of solutions/services on economic terms. 1. **Planning** - Engage with other units in IT to study current Network architecture in the Bank and participate in the ongoing study into emerging vulnerabilities/threats that could affect the Bank's software systems. - Engage with development teams to conduct design reviews of upgrades/changes in network applications and isolate vulnerabilities which may pose security challenges - Engage with peers in other units in the IT vertical to understand the Bank's IT roadmap for the short term, forecast and document potential security challenges and suggest possible mitigants to enable project planning. - Draw up a schedule for routine implementation of security protocols, e.g., firewalls, virus checks, unauthorised applications, deactivation of USB drives etc., and manage implementation of the same with existing resources. 1. **Core Function Areas of Responsibility (AORs)** - Manage documentation, updating and archival of information security policies, standards, and processes for the Bank in line with the Bank's IT Security and Archival policy - Schedule and manage routine Network security activities for the Bank and coordinate and communicate with other units in the Bank for the same. - Schedule and manage regular scheduled maintenance, upgrades, and patches coordinated with other IT units. - Participate in regular /project meetings with other units in the IT vertical to clarify Network security standards, procedures, operational activities, and technical and present reports and actionable on same to the line manager. - Coordinate with providers of outsourced security services and manage their day-to-day performance. - Participate as an incident response team member in emergency security or non-security breach. - In collaboration with other IT units, prepare incident reports in the event of any breach of network security and report the same to the line manager within deadlines. 1. **Customer (Both Internal & External)** 1. **Customer-centric AORs** - Consult with peers in other lines of business and IT project teams to provide security-related guidance on ongoing IT projects. - Consult with industry peers to upskill self on Information Security architecture, cyber threats, and mitigant strategies. - Under the guidance of the Head IT security, implement and maintain the Bank's current and projected Network security architecture. - Manage the documentation and contracts for purchasing and maintaining outsourced information security software and renewal of licenses on competitive terms from empaneled vendors. - Oversee maintenance of network security protocol in the event of scrapping and disposal of the Bank's hardware and data storage devices. 1. **Stakeholders' interactions** - Provide health and performance insights, uptime/downtime, service monitoring reports etc. on the network security to line manager regularly. - Consult with other stakeholders in the Bank to provide insights on new products/services from an network security point of view. - Assist Learning and Development team in training and awareness campaigns to maintain digital hygiene and security protocol for employees. - Assist Line Manager in framing and implementing a protocol for responsible disposal of the Bank's e-waste. 1. **Internal Process** - Supervise adherence of network security unit to SLA/Policies/Processes and policies. - Manage periodic audits to ensure integrity and security of network Systems, respond to audit comments within timelines and ongoing impleme