Information Security Officer

4 weeks ago


Mumbai, India Wave HR and Advisory Pvt Ltd Full time

ABOUT THE ROLE:

We are building a Public Digital Infrastructure for Banking using emerging technologies to enable high-volume, cost-effective financial transactions. We are looking for a strategic and hands-on CISO to lead our cybersecurity efforts and ensure the integrity, security, governance, risk and compliance (GRC) and cyber security and BCP for of this next-gen financial platform.

KEY RESPONSIBILITIES:

1. Information Security Strategy & Ownership:

- Own and execute the enterprise-wide information and cyber security strategy, aligned with business goals.

- Develop and implement IT security roadmaps, governance models, and policies based on best practices (e.g., ISO 27001, PCI-DSS, RBI, CERT-In).

- Manage a skilled team of InfoSec and SOC professionals and drive performance, innovation, and continuous improvement.

2. Regulatory Compliance & Audit Management:

- Ensure compliance with RBI Cyber Security Framework for NBFCs, CERT-In advisories, ISO 27001, PCI-DSS, and other applicable regulations.

- Oversee the development and maintenance of all security documentation and act as the primary liaison with regulatory bodies.

- Responsible for InfoSec, IT audits (internal & external), governance, VAPT, risk assessments, and regulatory reporting.

- Manage the compliance program for Information & Cyber Security Requirements (e.g. regulatory standards, ISO27001, PCI-DSS CERT-In)

- Driving and governing audits and practice standardization (PCI , SoX, etc) across the firm.

3. Risk Management & Security Governance:

- Conduct continuous assessments of security practices, systems, and emerging threats to proactively mitigate risk.

- Maintain the Information Security Risk Register and manage third-party/vendor security assessments.

- Drive audit standardization efforts across teams (PCI, SOX, etc.).

- Conduct Cyber & BCP Risk assessment and maintain Risk register to make sure the level of risk is within permitted limit and ensure gaps are mitigated within specified timeline.

4. Security Operations & Incident Response:

- Lead and oversee SOC operations, including real-time monitoring, threat detection, and incident response.

- Develop and execute incident response plans, disaster recovery strategies and business continuity planning.

- Oversee digital forensics and breach investigation processes.

- Review & update Information security and BCP policies, IT and Security SOPs, BIA and Crisis plans

5. Technology Leadership & Innovation:

- Deliver next-generation security technologies and oversee the secure implementation of cloud and network architecture.

- Develop budgets for security operations and manage resources effectively.

- Promote security-by-design in digital transformation and IT initiatives.

6. Stakeholder Engagement & Culture Building:

- Communicate InfoSec strategy and programs to senior management, board members, and other internal/external stakeholders.

- Conduct security awareness programs, employee training, and periodic phishing simulations.

- Foster a culture of cybersecurity accountability throughout the organization.

- Ensure Information Security awareness for all employees and important stakeholders.

Skills & Qualifications:

- 8+ years of IT experience with major focus on Information Security. Preferred Sector is NBFCs/ Banks.

- Bachelor's degree in Computer Science, Information Technology, or related field (Master's preferred).

- Professional certifications such as CISSP, CISM, CISA, ISO 27001 LA, CEH.

- Deep understanding of regulatory frameworks (RBI, CERT-In), security standards (ISO 27001, PCI-DSS), and data privacy laws.

- Expertise in security technologies including SIEM, DLP, IAM, encryption, endpoint security, and vulnerability management.

- Expert knowledge ISO 27001:2013, Information and BCP.

- Primary Certifications: ISO and CISA.

- Familiarity with OWASP, attacker lifecycle frameworks, and mitigation strategies.

- Strong leadership, conflict resolution, and stakeholder management skills.

- Experience presenting InfoSec KPIs, audit findings, and risk posture metrics to executive stakeholders.

What we offer?

- Opportunity to create large scale national scale impact while ensuring fast career growth for self.

- Unparalleled learning opportunity about processes, product nuances, end customer behavior comprising a synthesis of all banks and the industry.

- Great work culture leveraging the agility of start-up and scale of large-scale public infrastructure.

(ref:iimjobs.com)

  • Mumbai, India Acme Hr Consulting Full time

    Job code: TATISO4FH Job Description of Information Security Officer Exp: 4-5 yrs - Good knowledge of software security concepts including development and cloud operations security - Hands-on experience on security audits and compliance topics like ISO-27001/SOC - Support implementation of audit controls and manage the auditability of the operational...


  • Mumbai, India WeAssemble Full time

    **JOB DESCRIPTION** **About our company**: WeAssemble is a new kind of offshore company that is revolutionizing the future of work. Our unique approach helps create industry-leading offshore development teams for innovative companies. We are seeking a talented and experienced Information Security Officer. Joining WeAssemble means becoming part of a global...


  • Mumbai, India WeAssemble Full time

    **JOB DESCRIPTION** **About our company**: WeAssemble is a new kind of offshore company that is revolutionizing the future of work. Our unique approach helps create industry-leading offshore development teams for innovative companies. We are seeking a talented and experienced Information Security Officer. Joining WeAssemble means becoming part of a global...


  • Navi Mumbai, Maharashtra, India XL Dynamics Full time

    **Position**: Officer Information Security - ** Job Shift**: Day - ** Experience**: 0 to 2 years - ** Education**: We hire based on individual talent, skill and work ethic. Formal degrees are not a material in our hiring decision. - ** Job Location**: Navi Mumbai - ** Salary Range**: ₹ 3,50,000 P.A. **Key Responsibilities**: - Conduct internal and...


  • Mumbai, Maharashtra, India Sattrix Information Security Full time

    Device Management (Endpoint) Support Engineers – L1 & L2Location: Chennai, Hyderabad and MumbaiMode: work from office (5 days)Shifts: Rotational Shifts (24x7)Budget - L1: 6-7 LPA; L2: 15-18 LPASkills required (End Point Security):Sentinal OneCarbon BlackAruba - NACDAM - ImpervaDSF - ImpervaJob Overview:We are looking forDevice Management L1 and L2 Support...


  • Navi Mumbai, India Saavn Full time

    **Role - Information Security Officer** **Location: Mumbai** **ABOUT US**: JioSaavn is South Asia’s leading audio streaming service to access, discover, and listen to favourite songs & Podcasts across languages and genres. We blend digital technology, data analysis (which we have affectionately coined Music Science), and a strong, fearless business...


  • Mumbai, India JioSaavn Full time

    Navi Mumbai, Maharashtra, India Full Time Executive **Location: Mumbai** **ABOUT US**: JioSaavn is South Asia’s leading audio streaming service to access, discover, and listen to favourite songs & Podcasts across languages and genres. We blend digital technology, data analysis (which we have affectionately coined Music Science), and a strong, fearless...


  • Mumbai, India Sattrix Information Security Full time

    Job Title: Network Security Engineers (L1 / L2 / L3) Location: Chennai / Mumbai / Hyderabad Employment Type: Full-time | Client Role Shifts: Rotational Shifts Work Mode: Work from Office About the Role: We are looking for highly skilled and motivated Network Security Engineers (L1, L2 & L3). You’ll be responsible for managing, operating, and optimizing a...


  • Mumbai, India Sattrix Information Security Full time

    Device Management (Endpoint) Support Engineers – L1 & L2 Location: Chennai, Hyderabad and Mumbai Mode: work from office (5 days) Shifts: Rotational Shifts (24x7) Budget - L1: 6-7 LPA; L2: 15-18 LPA Skills required (End Point Security): Sentinal One Carbon Black Aruba - NAC DAM - Imperva DSF - Imperva Job Overview: We are looking for Device Management L1...


  • Mumbai, India Sattrix Information Security Full time

    Device Management (Endpoint) Support Engineers – L1 & L2 Location: Chennai, Hyderabad and Mumbai Mode: work from office (5 days) Shifts: Rotational Shifts (24x7) Budget - L1: 6-7 LPA; L2: 15-18 LPA Skills required (End Point Security): - Sentinal One - Carbon Black - Aruba - NAC - DAM - Imperva - DSF - Imperva Job Overview: We are looking for Device...