Team Member - Infosec
Aditya Birla Capital · State of Mahārāshtra, India
Aditya Birla Capital · State of Mahārāshtra, India
**`** **Annexure I: ABG Job Description Template** **`** **HayGroup** **Job Description Template 2024** **Ver. 1.1** **Basic Details: Fill the required information about Job** **Poornata Position** **Number of the job** **9** **Poornata Position** **Title of the job** **(30 characters max)** **Chief Manager** **Business Aditya Birla Capital Business Unit Aditya Birla Health Insurance** **Effective Date** **(DD/MM/YYYY) 29-10-2025** **1) Job Purpose: Write the purpose for which the job exists (in 2-3 lines) (Max 1325 Characters)** **1. Governance, Risk and Compliance Audit (GRCA): Ensures audits cover governance structures,** **regulatory compliance, security frameworks, business continuity, and incident response with regular** **documentation and remedial actions.** **2. Third-Party Risk Management (TPRM): Evaluates vendor security posture using questionnaires, AIdriven** **assessments, audits, and contract reviews, ensuring compliance with privacy laws and effective** **incident response.** **3. Intermediaries Audit: Reviews intermediaries’ cyber policies, board-approved controls, and oversight** **mechanisms to ensure safe data handling and regulatory compliance.** **4. Legal Document Review: Ensures contracts include clear clauses for information security, data privacy,** **AI governance, breach notification, and regulatory adherence aligned with organizational policies.** **5. AI Security for Third-Party Vendors: Requires transparency about AI use, robust security controls, bias** **mitigation, continuous monitoring, incident response, and regulatory compliance prior to onboarding AI** **vendors.** **2) Job Context & Major Challenges: Write the specific aspects of the job that provide a challenge** **internal and external) to the jobholder in the context of the Business/Unit/Function/Department/Section** **(Max 3975 Characters)** **The role operates within a complex and dynamic environment where ensuring robust information security** **governance, risk management, and compliance (GRCA) is critical. Internally, the job holder faces the** **challenge of integrating evolving regulatory requirements, organizational policies, and technological** **advancements into practical and enforceable security frameworks, while aligning with business objectives** **across multiple departments.** **Major internal challenges include:** **`** **Annexure I: ABG Job Description Template** **`** **HayGroup** **Job Description Template 2024** **2) Job Context & Major Challenges: Write the specific aspects of the job that provide a challenge** **internal and external) to the jobholder in the context of the Business/Unit/Function/Department/Section** **(Max 3975 Characters)** **1. Managing coordination and communication between diverse stakeholders such as IT, legal, HR,** **compliance and business units to ensure unified risk mitigation strategies.** **2. Keeping pace with rapidly changing cyber threat landscapes and ensuring that control measures—** **including AI security protocols—remain effective and relevant.** **3. Balancing stringent security requirements with operational efficiency and business needs, especially** **when dealing with third-party risk management (TPRM) and onboarding AI vendors.** **4. Maintaining thorough documentation, audit readiness, and remediation tracking amid frequent** **changes and updates.** **5. Ensuring staff training and awareness programs effectively address evolving threats and compliance** **mandates.** **Externally, the sfbhjazjob holder contends with challenges related to vendor and third-party management,** **including:** **1. Conducting rigorous assessments of vendors' security postures, AI governance, and data privacy** **practices amidst diverse technological capabilities and regulatory environments.** **2. Navigating contractual negotiations to embed adequate security and compliance clauses, including** **those for AI-related risks.** **3. Addressing complexities of auditing intermediaries and ensuring they meet the organization’s security** **and regulatory expectations.** **4. Managing incident response and liability concerns that arise from third-party breaches or AI system** **failures.** **5. Staying abreast of emerging regulations globally that impact vendor management and AI security,** **ensuring continuous compliance.** **Overall, the role demands a proactive, multidisciplinary approach to information security that anticipates** **risks, drives compliance, nurtures vendor relationships, and fosters a security-conscious culture within** **the organization and its extended ecosystem.** **3) Dimensions: Mention quantitative or qualitative parameters that are relevant for the job and provide** **a better understanding of the scope and scale of the job.** **Business Workforce Number** **(Max 254 Characters) 8500 (All ABHICL Employees)** **Unit Workforce Number** **(Max 254 Characters) 8500 (All ABHICL Employees)** **`** **Annexure I: ABG Job Description Template** **`** **HayGroup** **Job Description Template 2024** **Function Workforce Number** **(Max 254 Characters) 8500 (All ABHICL Employees)** **Department Workforce Number** **(Max 254 Characters) 8500 (All ABHICL Employees)** **Other Quantitative and Important** **Parameters for the job: Budgets/** **Volumes/No. of Products/Geography/** **Markets/ Customers or any other parameter** **1. Overseeing security and compliance for "N" number** **of third-party vendors, including AI service providers,** **intermediaries, and contractors across diverse service** **lines.** **2. Reviewing and managing compliance for a large** **volume of legal agreements annually—commonly** **hundreds—that involve data privacy, security clauses,** **and AI governance provisions.** **3. Supporting operations across ABHICL, ensuring** **adherence to regional cybersecurity regulations (e.g.** **IRDAI & DPDPA in India).** **4. Coordinating multiple internal and external audits** **yearly, including GRCA, TPRM, intermediaries, and