Senior Resource- Information Security

NB: "Recruiting for a scheduled commercial bank"Job Title: Senior Resource – Information Security Minimum 15 years in BFSI Employment Type: Full-Time Location – ThrissurJob Summary:We are looking for a highly skilled Deputy CISO – Information Security with at least 10 years of experience in BFSI to lead risk management, compliance, and security operations. The ideal candidate should have hands-on experience in designing and implementing banking security architecture, DC/DR, network security, and ensuring compliance with RBI, SEBI, UIDAI, and other regulatory bodies. Key Responsibilities: • Develop & enforce security policies, procedures, and frameworks (NIST, ISO 27001, PCI DSS). • Ensure regulatory compliance with RBI, SEBI, UIDAI, NPCI, ITGC, and risk management frameworks. • Provide strategic direction and leadership in the planning, development, and implementation of enterprise-wide cybersecurity initiatives. • Oversee the identification, assessment, and mitigation of cybersecurity risks, ensuring compliance with industry standards and regulations. • Collaborate with cross-functional teams, including engineering, to integrate cybersecurity best practices into the design and implementation of new technologies and systems. • Lead and manage a team of cybersecurity professionals, providing mentorship, guidance, and support to enhance the overall security posture of the organization. • Conduct regular security assessments, audits, and penetration testing to identify vulnerabilities and weaknesses in the organization’s IT and OT infrastructure. • Communicate effectively with senior management, board members, and other stakeholders to report on the organization’s cybersecurity posture, initiatives, and ongoing risk management efforts. • Ensure compliance with relevant cybersecurity standards, regulations, and industry best practices, and participate in audits and compliance assessments as require • Lead regulatory audits and collaborate with internal/external stakeholders. • Conduct cyber drills to assess and improve incident response capabilities. • Manage SIEM, DLP, XDR, SOC operations, and threat intelligence. • Oversee DC/DR design & implementation, network & security architecture for banking systems. • Ensure security of OS, applications, APIs, ATM/CARD, switch, BBPS, CBS, mobile apps, cloud security, DC/DR controls. • Lead VA/PT (OWASP), third-party/vendor security audits, and risk assessments. • Conduct security awareness programs and training for teams. • Mentor and manage a team of 6-10 cybersecurity professionals, fostering a security-first culture • Ensure compliance with SOC 2 audits and RBI regulations, particularly in the financial sector. • Manage Governance, Risk, and compliance (GRC) processes and tools. • Implement and manage Information Security Management System (ISMS) aligned with ISO 27001/27002 standards.Education: BTech/MCA/MTech in Computer Science, IT or related field. Certifications (Preferred): ISO 27001 LA/LI, ISO 31000, CISA, CISM, CISSP, ITIL.Qualifications & Skills • Minimum 10 years’ experience in information security department of the bank leading the team and handling regulatory audits (RBI, SEBI, UIDAI, etc.). • In-depth knowledge of banking security infrastructure, DC/DR, cloud security, and application security. • Hands-on experience in designing & implementing banking security architecture. • Strong leadership, analytical, and stakeholder management skills. • Proven experience in SOC 2 compliance and cybersecurity operations. • In-depth knowledge of RBI regulations, data protection, and global privacy laws • Experience in managing cybersecurity programs in global markets (India, US, Middle East).