Chief Information Security Officer

Job Description:The job purpose is to lead and implement comprehensive cybersecurity and information securityinitiatives, including policy development, risk assessment, incident management, and compliance.Responsible for data privacy protection, infrastructure security, vendor management, and fostering asecurity-conscious culture.Roles and Responsibilities:1. Security Strategy & Governance:▪ Define and implement enterprise-wide information security strategies and policies.▪ Establish security frameworks, ensuring alignment with business objectives.▪ Oversee security governance, risk, and compliance (GRC) programs.▪ The CISO will be a member of the Information Security Risk Management Committee whichwill be responsible for development and implementation of information/cyber securitypolicies, monitoring information security projects/awareness initiatives and reviewing cyberincidents, information systems audit observations, monitoring and mitigation activities.2. Cybersecurity & Risk Management:▪ Identify, assess, and mitigate cybersecurity threats and vulnerabilities.▪ Implement security controls to protect critical assets, applications, and data.▪ Monitor emerging security threats and ensure proactive risk mitigation.▪ Application security and Vendor risk assessment standards▪ Technology risk Assessment3. Compliance & Regulatory Requirements:▪ Ensure compliance with industry regulations (ISO 27001, NIST, GDPR, PCI-DSS, etc.).▪ Work with auditors, regulators, and stakeholders to ensure legal compliance.▪ Drive security awareness programs across the organization.4. Incident Response & Crisis Management:▪ Develop and manage cybersecurity incident response plans.▪ Lead investigations into security breaches and cyber incidents.▪ Coordinate disaster recovery and business continuity planning.5. Technology & Security Architecture:▪ Oversee security architecture for cloud, network, application, and endpoint security.▪ Evaluate and implement security tools such as SIEM, IAM, DLP, and endpoint protection.▪ Work closely with IT and DevOps teams to integrate security best practices.6. Leadership & Stakeholder Collaboration:▪ Lead and mentor a team of cybersecurity professionals.▪ Collaborate with executive leadership to align security strategies with businessgoals.▪ Report security, risks, and recommendations to senior management and the board.Skills Required▪ Bachelor’s degree in computer science, Computer Engineering, or a related field.▪ CISM, CISSP, CISA, CCSP Certified / ISO 27001 Certified Lead Implemented / Lead Auditor▪ Forensics capability▪ Project Governance and Project risk management standards including methodology forassessing project risks and reporting project risks to IS Team▪ A proven ability to manage and monitor program timelines, deliverables, budgets andfinancial performanceRelevant Experience• Experience and exposure to Information/cyber Security in a professional enterprise and minimum15-18 year's managing Information Security standards in financial services or banking industry withexposure to ISO 27001:2013, COBIT, PCIDSS standards.• Systems Forcepoint, Zscaler, F5, Microsoft Azure WAF, Virsec, CISCO, Sonic Wall, Applications likeApache Tomcat, IIS etc, Business Applications like Core Banking Systems, Securities System, Web andMobile Applications.• The CISO Responsibilities as per the IRDAI Information and Cyber Security Guidelines.

Apply Now