Senior Manager - InfoSec Governance

Position Summary: Sr Manager – Information Security Governance

• The Incumbent would be responsible to manage the information security governance, risk, and compliance process. 
• Standardize GRC policies, evaluate their impacts, and implement the relevant measure.
• Liaise with Internal Audit, Corporate Compliance, Office of General Counsel and Risk Management to remediate new and outstanding issues; track security-related issues in the electronic GRC system.  
• This is a global role engaging stakeholders (at all levels) across geographies like India, Philippines and US. 
• Certifications such as CISA, CISSP, CISM, CEH, ISO27001 LA are required (The Incumbent needs to possess at least two certifications).
• Incumbent should be a good effective communicator.
• Information security team is a healthy mix of exuberance, expertise and experience.

Job Functions And Responsibilities:

• Develop and maintain a robust threat intelligence gathering and monitoring plan.
• Review external threat Advisories and determine relevance to organization and design an appropriate response strategy
• Conduct assessment / review of IT processes and recommend action for improving IT governance maturity using reference frameworks like ISO 27001/ ITIL/others. 
• Provide reports to senior management for review of information security risks, governance and compliance.
• Keep abreast with latest security and privacy regulations, advisories and alerts.
• Ensure compliance with organizational information security policies and procedures
• Is responsible to manage security incidents and policy exceptions.
• Regular checks of strength and efficiency of security system and provides security expertise for the business unit and function managers
• Conduct IT security awareness through regular publishing of monthly security updates/bulletins and trainings (e.g., brown bags) to improve IT security knowledge of users and IT staff. 
• Provide advice and consultancy on security risks and controls.
• Is responsible for keeping an up-to-date map of security risks, latest security and privacy regulations, advisories.
• To participate to internal and external audits, and in liaison with regulatory and market bodies
• Analysis on qualitative and quantitative Risk Approach i.e. Risk Assessment of all assets across group along with Risk Treatment Plan.  
• To analyze and assess security risks and their impacts, and implement the relevant measures.
• Coordinates compliance and auditing activities and facilitates migration of non-compliant environments to compliant environments.
• Is responsible to monitor and manage security-related nonconformities

Key Result Areas:

• High Quality Content creation for Information Security Presentations for councils such as MBR, TechOps and ITRC
• Identification and Management of Information Security Risks 
• Manage Infosec risks in third party engagements and drive improvements across categories of vendors
• Qualitative review and upkeep of InfoSec Policies and Procedures
• Enhance Employee awareness to make it more engaging and effective.
• Proactive identification of resolution of risks to maintain high InfoSec Posture ratings.
• Track effective set of infosec metrics and drive improvement in security posture.
• Participate in and Respond to InfoSec Audits, Questionnaires and Examinations
• Enhance Incident Management preparedness and drive InfoSec incident management.

Qualifications:

BE / BTech / ME / MTech / MBA with specialized Infosec certifications such as CISSP, CISA, ISO 27001 LI/LA, CISM

• Bachelor of Engineering or equivalent 
• 13-15 yrs of experience in the field of Information Technology & Security audits
• At least nine (11) years of Information Systems & Security audit experience
• Extended Knowledge of IT Security.
• Experience in implementing IT controls within the IT governance framework and designing overall governance framework.
• Good Understanding of Risk and Compliance concepts and Tools
• Good communication and documentation skills.

Work Schedule Or Travel Requirements

• 3 PM IST to 12 PM PST
• Travel - Minimal.
• To attend office in-person at the base location as and when required.

Ocwen Financial Solutions Private Limited is a wholly-owned subsidiary of Onity Group Inc., a leading non-bank mortgage servicer and originator providing solutions through its primary brands, PHH Mortgage and Liberty Reverse Mortgage.

PHH Mortgage is one of the largest servicers in the United States, focused on delivering a variety of servicing and lending programs. Liberty is one of the largest reverse mortgage lenders in the U.S., dedicated to education and providing loans that help customers meet their personal and financial needs. Onity Group Inc. and its subsidiaries are committed to helping homeowners and delivering exceptional service and value to customers, clients and investors.

At Onity Group Inc., we consistently deliver on our commitments to customers, clients, investors and colleagues through caring service, integrity and creative solutions. This Service Excellence philosophy is embraced by meeting service standards we call CARE, which stands for Caring, Accurate, Responsive and Empowered. We expect all employees to interact and engage our colleagues and our customers with respect, courtesy and professionalism, and to achieve results consistent with our CARE standards.

Onity Group Inc. is intensely focused on hiring, developing and retaining the best talent in the industry! Our commitment to Diversity, Equity & Inclusion ensures that we sustain our reputation as an outstanding place to work, a great business partner and a valued community member. We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity or Veteran status. If you have a disability or special need that requires accommodation, please let us know. Visit jobs.onitygroup.com for details.