Information Security Officer
4 weeks ago
ABOUT THE ROLE:
We are building a Public Digital Infrastructure for Banking using emerging technologies to enable high-volume, cost-effective financial transactions. We are looking for a strategic and hands-on CISO to lead our cybersecurity efforts and ensure the integrity, security, governance, risk and compliance (GRC) and cyber security and BCP for of this next-gen financial platform.
KEY RESPONSIBILITIES:
1. Information Security Strategy & Ownership:
- Own and execute the enterprise-wide information and cyber security strategy, aligned with business goals.
- Develop and implement IT security roadmaps, governance models, and policies based on best practices (e.g., ISO 27001, PCI-DSS, RBI, CERT-In).
- Manage a skilled team of InfoSec and SOC professionals and drive performance, innovation, and continuous improvement.
2. Regulatory Compliance & Audit Management:
- Ensure compliance with RBI Cyber Security Framework for NBFCs, CERT-In advisories, ISO 27001, PCI-DSS, and other applicable regulations.
- Oversee the development and maintenance of all security documentation and act as the primary liaison with regulatory bodies.
- Responsible for InfoSec, IT audits (internal & external), governance, VAPT, risk assessments, and regulatory reporting.
- Manage the compliance program for Information & Cyber Security Requirements (e.g. regulatory standards, ISO27001, PCI-DSS CERT-In)
- Driving and governing audits and practice standardization (PCI , SoX, etc) across the firm.
3. Risk Management & Security Governance:
- Conduct continuous assessments of security practices, systems, and emerging threats to proactively mitigate risk.
- Maintain the Information Security Risk Register and manage third-party/vendor security assessments.
- Drive audit standardization efforts across teams (PCI, SOX, etc.).
- Conduct Cyber & BCP Risk assessment and maintain Risk register to make sure the level of risk is within permitted limit and ensure gaps are mitigated within specified timeline.
4. Security Operations & Incident Response:
- Lead and oversee SOC operations, including real-time monitoring, threat detection, and incident response.
- Develop and execute incident response plans, disaster recovery strategies and business continuity planning.
- Oversee digital forensics and breach investigation processes.
- Review & update Information security and BCP policies, IT and Security SOPs, BIA and Crisis plans
5. Technology Leadership & Innovation:
- Deliver next-generation security technologies and oversee the secure implementation of cloud and network architecture.
- Develop budgets for security operations and manage resources effectively.
- Promote security-by-design in digital transformation and IT initiatives.
6. Stakeholder Engagement & Culture Building:
- Communicate InfoSec strategy and programs to senior management, board members, and other internal/external stakeholders.
- Conduct security awareness programs, employee training, and periodic phishing simulations.
- Foster a culture of cybersecurity accountability throughout the organization.
- Ensure Information Security awareness for all employees and important stakeholders.
Skills & Qualifications:
- 8+ years of IT experience with major focus on Information Security. Preferred Sector is NBFCs/ Banks.
- Bachelor's degree in Computer Science, Information Technology, or related field (Master's preferred).
- Professional certifications such as CISSP, CISM, CISA, ISO 27001 LA, CEH.
- Deep understanding of regulatory frameworks (RBI, CERT-In), security standards (ISO 27001, PCI-DSS), and data privacy laws.
- Expertise in security technologies including SIEM, DLP, IAM, encryption, endpoint security, and vulnerability management.
- Expert knowledge ISO 27001:2013, Information and BCP.
- Primary Certifications: ISO and CISA.
- Familiarity with OWASP, attacker lifecycle frameworks, and mitigation strategies.
- Strong leadership, conflict resolution, and stakeholder management skills.
- Experience presenting InfoSec KPIs, audit findings, and risk posture metrics to executive stakeholders.
What we offer?
- Opportunity to create large scale national scale impact while ensuring fast career growth for self.
- Unparalleled learning opportunity about processes, product nuances, end customer behavior comprising a synthesis of all banks and the industry.
- Great work culture leveraging the agility of start-up and scale of large-scale public infrastructure.
-
Information Security Officer
5 days ago
Mumbai, India Acme Hr Consulting Full timeJob code: TATISO4FH Job Description of Information Security Officer Exp: 4-5 yrs - Good knowledge of software security concepts including development and cloud operations security - Hands-on experience on security audits and compliance topics like ISO-27001/SOC - Support implementation of audit controls and manage the auditability of the operational...
-
Information Security Officer
7 days ago
Mumbai, India WeAssemble Full time**JOB DESCRIPTION** **About our company**: WeAssemble is a new kind of offshore company that is revolutionizing the future of work. Our unique approach helps create industry-leading offshore development teams for innovative companies. We are seeking a talented and experienced Information Security Officer. Joining WeAssemble means becoming part of a global...
-
Information Security Officer
7 days ago
Mumbai, India WeAssemble Full time**JOB DESCRIPTION** **About our company**: WeAssemble is a new kind of offshore company that is revolutionizing the future of work. Our unique approach helps create industry-leading offshore development teams for innovative companies. We are seeking a talented and experienced Information Security Officer. Joining WeAssemble means becoming part of a global...
-
Officer Information Security
2 weeks ago
Navi Mumbai, Maharashtra, India XL Dynamics Full time**Position**: Officer Information Security - ** Job Shift**: Day - ** Experience**: 0 to 2 years - ** Education**: We hire based on individual talent, skill and work ethic. Formal degrees are not a material in our hiring decision. - ** Job Location**: Navi Mumbai - ** Salary Range**: ₹ 3,50,000 P.A. **Key Responsibilities**: - Conduct internal and...
-
Endpoint Security Engineer
7 days ago
Mumbai, Maharashtra, India Sattrix Information Security Full timeDevice Management (Endpoint) Support Engineers – L1 & L2Location: Chennai, Hyderabad and MumbaiMode: work from office (5 days)Shifts: Rotational Shifts (24x7)Budget - L1: 6-7 LPA; L2: 15-18 LPASkills required (End Point Security):Sentinal OneCarbon BlackAruba - NACDAM - ImpervaDSF - ImpervaJob Overview:We are looking forDevice Management L1 and L2 Support...
-
Information Security Officer
1 week ago
Navi Mumbai, India Saavn Full time**Role - Information Security Officer** **Location: Mumbai** **ABOUT US**: JioSaavn is South Asia’s leading audio streaming service to access, discover, and listen to favourite songs & Podcasts across languages and genres. We blend digital technology, data analysis (which we have affectionately coined Music Science), and a strong, fearless business...
-
Information Security Officer
7 days ago
Mumbai, India JioSaavn Full timeNavi Mumbai, Maharashtra, India Full Time Executive **Location: Mumbai** **ABOUT US**: JioSaavn is South Asia’s leading audio streaming service to access, discover, and listen to favourite songs & Podcasts across languages and genres. We blend digital technology, data analysis (which we have affectionately coined Music Science), and a strong, fearless...
-
Network Security Engineer
13 hours ago
Mumbai, India Sattrix Information Security Full timeJob Title: Network Security Engineers (L1 / L2 / L3) Location: Chennai / Mumbai / Hyderabad Employment Type: Full-time | Client Role Shifts: Rotational Shifts Work Mode: Work from Office About the Role: We are looking for highly skilled and motivated Network Security Engineers (L1, L2 & L3). You’ll be responsible for managing, operating, and optimizing a...
-
Endpoint Security Engineer
1 week ago
Mumbai, India Sattrix Information Security Full timeDevice Management (Endpoint) Support Engineers – L1 & L2 Location: Chennai, Hyderabad and Mumbai Mode: work from office (5 days) Shifts: Rotational Shifts (24x7) Budget - L1: 6-7 LPA; L2: 15-18 LPA Skills required (End Point Security): Sentinal One Carbon Black Aruba - NAC DAM - Imperva DSF - Imperva Job Overview: We are looking for Device Management L1...
-
Endpoint Security Engineer
1 week ago
Mumbai, India Sattrix Information Security Full timeDevice Management (Endpoint) Support Engineers – L1 & L2 Location: Chennai, Hyderabad and Mumbai Mode: work from office (5 days) Shifts: Rotational Shifts (24x7) Budget - L1: 6-7 LPA; L2: 15-18 LPA Skills required (End Point Security): - Sentinal One - Carbon Black - Aruba - NAC - DAM - Imperva - DSF - Imperva Job Overview: We are looking for Device...