▷ High Salary: Senior Resource- Information Security

NB: "Recruiting for a scheduled commercial bank"

Job Title: Senior Resource – Information Security

Minimum 15 years in BFSI

Employment Type: Full-Time

Location – Thrissur

Job Summary:

We are looking for a highly skilled Deputy CISO – Information Security with at least 10 years of experience in BFSI to lead risk management, compliance, and security operations. The ideal candidate should have hands-on experience in designing and implementing banking security architecture, DC/DR, network security, and ensuring compliance with RBI, SEBI, UIDAI, and other regulatory bodies. Key Responsibilities:

• Develop & enforce security policies, procedures, and frameworks (NIST, ISO 27001, PCI DSS).

• Ensure regulatory compliance with RBI, SEBI, UIDAI, NPCI, ITGC, and risk management frameworks.

• Provide strategic direction and leadership in the planning, development, and implementation of enterprise-wide cybersecurity initiatives.

• Oversee the identification, assessment, and mitigation of cybersecurity risks, ensuring compliance with industry standards and regulations.

• Collaborate with cross-functional teams, including engineering, to integrate cybersecurity best practices into the design and implementation of new technologies and systems. • Lead and manage a team of cybersecurity professionals, providing mentorship, guidance, and support to enhance the overall security posture of the organization.

• Conduct regular security assessments, audits, and penetration testing to identify vulnerabilities and weaknesses in the organization’s IT and OT infrastructure.

• Communicate effectively with senior management, board members, and other stakeholders to report on the organization’s cybersecurity posture, initiatives, and ongoing risk management efforts.

• Ensure compliance with relevant cybersecurity standards, regulations, and industry best practices, and participate in audits and compliance assessments as require

• Lead regulatory audits and collaborate with internal/external stakeholders.

• Conduct cyber drills to assess and improve incident response capabilities.

• Manage SIEM, DLP, XDR, SOC operations, and threat intelligence.

• Oversee DC/DR design & implementation, network & security architecture for banking systems.

• Ensure security of OS, applications, APIs, ATM/CARD, switch, BBPS, CBS, mobile apps, cloud security, DC/DR controls.

• Lead VA/PT (OWASP), third-party/vendor security audits, and risk assessments.

• Conduct security awareness programs and training for teams.

• Mentor and manage a team of 6-10 cybersecurity professionals, fostering a security-first culture

• Ensure compliance with SOC 2 audits and RBI regulations, particularly in the financial sector.

• Manage Governance, Risk, and compliance (GRC) processes and tools.

• Implement and manage Information Security Management System (ISMS) aligned with ISO 27001/27002 standards.

Education:

BTech/MCA/MTech in Computer Science, IT or related field.

Certifications (Preferred):

ISO 27001 LA/LI, ISO 31000, CISA, CISM, CISSP, ITIL.

Qualifications & Skills

• Minimum 10 years’ experience in information security department of the bank leading the team and handling regulatory audits (RBI, SEBI, UIDAI, etc.).

• In-depth knowledge of banking security infrastructure, DC/DR, cloud security, and application security.

• Hands-on experience in designing & implementing banking security architecture.

• Strong leadership, analytical, and stakeholder management skills.

• Proven experience in SOC 2 compliance and cybersecurity operations.

• In-depth knowledge of RBI regulations, data protection, and global privacy laws

• Experience in managing cybersecurity programs in global markets (India, US, Middle East).