Chief Information Security Officer

-Job description**Some careers open more doors than others.**

If you’re looking for a career that will unlock new opportunities, join HSBC and experience the possibilities. Whether you want a career that could take you to the top, or simply take you in an exciting new direction, HSBC offers opportunities, support and rewards that will take you further.

**Job Introduction**

The role is part of the First Line Risk function supporting, advising and overseeing Asset management business in India to help achieving business objectives, meet fiduciary duties to client and to comply with regulatory norms while maintaining system and data security.

Assess, identify, and reduce cybersecurity risks of the organization

**Principal Responsibilities**
- Respond to cyber incidents in a timely manner.
- Establish appropriate standards and controls and direct the establishment and implementation of processes and procedures as per the cybersecurity and cyber resilience policy approved by the Board.
- Identify information security goals and objectives consistent with business need/objectives.
- A detailed list of roles and responsibilities as mandated by the regulator can be accessed here: Roles_Responsibilities-CISO.pdf (nciipc.gov.in)
- Also, the designated CISO will be responsible to implement the exhaustive new controls mandated by SEBI as a part of this circular. Broadly, the guidelines mandate these additional comprehensive controls:

- Modifications in the cyber security framework both in terms of governance and reporting
- Implementation of new security guidelines on data classification, localization, mobile security, Application programming interface (API), Security operations centre and software bill of materials.
- Implementation of ISO 27001 certification which is made mandatory as per recent mandate.
- Implementing Cyber capability index - a quantitative approach to identify cyber maturity and reporting the cyber health to regulators.
- Conducting an elaborate Cyber security table-top exercise to simulate various cyber security scenarios and testing the existing cyber controls.
- Liaise with various internal and external stakeholders to conduct red teaming/blue teaming exercise.
- Conduct technology/security committee meetings and liaising with internal and external auditors for matters related to information security
Requirements- Strong local regulatory experience on SEBI is required
- Bachelor’s degree in computer science, Information Security or equivalent experience
- Holder of information security and risk management (e.g. CISM, CISSP, CISA etc.) preferred
- Hands on experience with India local regulators including RBI, SEBI, BSE, NSE, Cert-In, NSDL, etc.
- Successfully led Cyber or IT Security projects and a proven record of dealing with complex projects and meeting conflicting demands
- Change management and business process experience is ideal together with a proven track record of driving large-scale change / transformation programs
- Ability to adapt to a fast-moving IT landscape and keep pace with emerging technologies, good understanding of IT systems, Cloud technologies and infrastructure along with the relevant security controls required to mitigate risk

**Useful Link**

Link to Careers Site: Click HERE

You’ll achieve more when you join HSBC.

HSBC is committed to building a culture where all employees are valued, respected and opinions count. We take pride in providing a workplace that fosters continuous professional development, flexible working and opportunities to grow within an inclusive and diverse environment.

Issued by **HSBC Global Asset Management (India) Private Ltd