Head - Patching And Infra Governance IDFC FIRST Bank
IDFC FIRST Bank
Office Location
Full Time
Experience: 12 - 12 years required
Pay:
Salary Information not included
Type: Full Time
Location: Maharashtra
Skills: Patch Management, Vulnerability Management, Risk management, Communication skills, Infrastructure Compliance, Security patching, Audit Support, Analytical Thinking, Collaboration Skills
About IDFC FIRST Bank
Job Description
Job Requirements Key Responsibilities: RBI Compliance: Ensure the bank's infrastructure meets all RBI compliance requirements, including the implementation of security and operational controls for infrastructure systems. Infrastructure Compliance Assessments: Conduct regular infrastructure assessments to ensure adherence to internal security policies, industry standards, and RBI regulations. Zero-Day Patching: Lead and implement zero-day patching processes to protect infrastructure from emerging vulnerabilities and threats. Security & Vulnerability Patching: Oversee the identification, remediation, and patching of security vulnerabilities across all infrastructure systems, ensuring timely patch application and risk mitigation. Patching Best Practices: Define and establish best practices for patch management and ensure they are followed across all infrastructure systems, ensuring consistency and efficiency. Compliance Reporting: Prepare and present compliance reports to senior management, detailing patching status, vulnerabilities, and overall infrastructure compliance levels, with a specific focus on meeting RBI requirements. RBI Audit Support: Provide ongoing support during RBI audits by ensuring all infrastructure systems are fully compliant with regulations and assist in addressing any audit findings. Collaboration & Coordination: Work closely with internal teams such as IT, cybersecurity, and operations to ensure the successful deployment of patches and security measures. Patch Scheduling & Deployment: Plan, coordinate, and execute patch deployment cycles, minimizing business impact and downtime. Incident Response Support: Respond to infrastructure security incidents, identify vulnerabilities, and implement corrective actions through effective patching strategies. Continuous Monitoring: Monitor the environment for emerging threats, vulnerabilities, and patching requirements to proactively address any gaps in compliance or security posture. Documentation & Knowledge Sharing: Document patching procedures, compliance assessments, and remediation efforts, sharing best practices and lessons learned with relevant teams. Qualifications: Experience: 12+ years of experience in infrastructure compliance, patch management, and security, with a focus on banking and financial sector regulations. RBI Knowledge: Strong understanding of RBI guidelines and compliance requirements for infrastructure and IT systems, particularly related to cybersecurity and risk management. Security & Patching Expertise: Proven experience in vulnerability management, zero-day patching, security patching, and patch deployment across enterprise IT environments. Technical Skills: Proficiency in patch management tools, security assessment platforms, and infrastructure management tools. Risk & Compliance Management: Strong background in assessing and managing risk within IT infrastructure, with a focus on security vulnerabilities and compliance. Audit Experience: Experience with supporting audits, especially in regulated environments, with an emphasis on complying with regulatory standards such as those set by RBI. Certifications: Relevant certifications like CISSP, CISM, CISA, or equivalent are highly desirable. Communication Skills: Excellent verbal and written communication skills, with the ability to communicate technical concepts clearly to non-technical stakeholders and present to senior leadership. Analytical Thinking: Strong problem-solving skills, with the ability to think critically and make data-driven decisions for infrastructure security and compliance. Collaboration Skills: Proven ability to work cross-functionally with IT, security, operations, and regulatory teams to ensure compliance and security standards are met.,