
IT Risk, Security
2 days ago
Job Title: IT Risk, Security & Audit Lead
Years of Experience: 8-13 Years
Location: India, Mumbai, Andheri, Saki Naka
Job Summary:
We are seeking an experienced and detail-oriented IT Risk, Security & Audit Lead to oversee product development and deployment, ensuring compliance with security governance, risk management, audits, and certifications within our banking technology environment. The role demands expertise in cybersecurity, IT risk management, audit frameworks, and regulatory compliance (RBI, PCI-DSS, ISO, SOC2, etc.), with the ability to align technical security measures to business objectives. The ideal candidate will bring prior banking/fintech domain experience and a proven track record in managing risk frameworks, end-to-end audits, certifications, security operations, and incident response.
Key Responsibilities:
- Security Governance, Compliance & Audit
- Define and maintain the IT risk, audit, and cybersecurity framework aligned with RBI, ISO 27001, PCI-DSS, SOC2, and other applicable standards.
- Lead and own all audits and certifications (internal, external, ITGC, regulatory, ISO, PCI-DSS, SOC2, etc.) ensuring readiness, execution, and successful closure.
- Ensure compliance with regulatory guidelines (RBI Master Directions, CERT-In advisories, DPDP Act, etc.)
- Manage audit observations/findings and drive timely remediation with IT and engineering teams.
- Oversee periodic Vulnerability Assessments and Penetration Testing (VAPT) in collaboration with internal teams and external vendors.
- Risk Management & Control
- Identify, assess, and monitor IT & cyber risks across infrastructure, applications, APIs, and cloud environments.
- Establish KRIs/KPIs for risk and audit reporting to management and regulators.
- Drive remediation of identified risks and audit gaps with accountable teams.
- Security Operations & Incident Management
- Lead SOC activities including log monitoring, threat intelligence, and anomaly detection.
- Define and test incident response plans (data breach, ransomware, insider threat, etc.).
- Coordinate with vendors, auditors, and regulators for timely reporting and resolution of incidents.
- Stakeholder Engagement & Advisory
- Act as the bridge between technology teams, compliance, auditors, and business stakeholders.
- Educate teams on secure coding practices, DevSecOps principles, and compliance requirements.
- Present periodic security posture, risk, and audit status reports to leadership.
- Technology & Continuous Improvement
- Oversee security tools (SIEM, DLP, WAF, IAM, Endpoint Protection, etc.) and ensure effective utilization.
- Recommend and implement emerging cybersecurity and audit-supporting technologies.
- Build a culture of security and audit awareness through training, phishing simulations, and periodic workshops.
Required Skills and Qualifications:
- Experience: 8+ years in IT risk management, audits, cybersecurity, or related domains; minimum 3+ years in a leadership role.
- Education: Bachelors or Masters in Information Security, Computer Science, or Engineering.
- Technical Expertise:
- Strong understanding of security & audit frameworks: ISO 27001, NIST, COBIT, PCI-DSS, SOC 2.
- Hands-on experience with audit & security tools: SIEM, vulnerability scanners, GRC tools, DLP, IAM, EDR/XDR.
- Knowledge of cloud security (AWS/Azure/GCP) and secure architecture principles.
- Familiarity with DevSecOps, API security, and container security (Docker, Kubernetes).
- Domain Knowledge: Prior experience in banking/NBFC/fintech with strong understanding of RBI and Indian regulatory landscape.
- Soft Skills: Strong audit & risk-based decision-making, leadership, communication, and stakeholder management skills.
Preferred Qualifications:
- Certifications: CISSP, CISM, CISA, CRISC, ISO 27001 Lead Auditor, CEH, OSCP (any combination preferred).
- Experience with end-to-end certification processes (ISO, PCI-DSS, SOC2, etc.).
- Experience with data privacy compliance (DPDP Act, GDPR).
- Exposure to fraud detection systems, transaction monitoring, or payment security.
- Experience in vendor risk management, third-party audits, and audit remediation tracking.
- Strong knowledge of business continuity planning (BCP) and disaster recovery (DR) in BFSI.Role & responsibilities
-
Credit Risk Model Governance
5 days ago
Mumbai, Maharashtra, India Risk Inn Full time ₹ 6,00,000 - ₹ 18,00,000 per yearApply Now:Join a top-tier firm and contribute to high-impact projects in a rapidly evolving risk and analytics landscape. Please Read the Job Description and apply if you fulfil the criteria. Click this link to submit your application after reviewing the details below: We are currently supporting our client in India, a leadingRisk Analytics and Consulting...
-
Site Security Manager
4 weeks ago
Mumbai, Maharashtra, India PINKERTON | Comprehensive Risk Management Full timeJob DescriptionOverview170+ Years Strong. Industry Leader. Global Impact. At Pinkerton, the mission is to protect our clients. To do this, we provide enterprise risk management services and programs specifically designed for each client. Pinkerton employees are one of our most important assets and critical to the delivery of world-class solutions. Bonded...
-
Senior Security Engineer
7 days ago
Mumbai, Maharashtra, India TAC Security Full time ₹ 12,00,000 - ₹ 36,00,000 per yearJob DescriptionAs a Security Engineer VAPT, you will be responsible for conducting comprehensive security assessments, identifying vulnerabilities, and implementing effective remediation strategies.Leveraging your expertise in penetration testing and ethical hacking, you will play a key role in enhancing the security posture of our clients' systems and...
-
Application Security Engineer
2 weeks ago
Mumbai, Maharashtra, India Security Lit Full time ₹ 15,00,000 - ₹ 25,00,000 per yearJob Description: Application Security Engineer (L2)Role OverviewWe are seeking an experienced Application Security Engineer (L2) to take a lead role in our security testing team. This role requires of 3 year experience (first priority will be given to more than 4 year experience resources for selection) and mandates professional security certifications. You...
-
Event Security Specialist
2 days ago
Mumbai, Maharashtra, India PINKERTON | Comprehensive Risk Management Full time ₹ 5,00,000 - ₹ 15,00,000 per yearOverview170+ Years Strong. Industry Leader. Global Impact.At Pinkerton, the mission is to protect our clients. To do this, we provide enterprise risk management services and programs specifically designed for each client. Pinkerton employees are one of our most important assets and critical to the delivery of world-class solutions. Bonded together, we share...
-
IT Risk
3 weeks ago
Mumbai, Maharashtra, India Smart IMS Inc. Full timeRole: IT Risk & Control Specialist Your background Individual with IT risk/audit experience preferably in Banking/FI domain. Bachelor's degree in IT, minimum 5-7 plus years of experience, industry certifications (CISA, CISM, COBIT foundation, etc) preferred. Relevant experience in executing Risk initiatives within a tech risk function, compliance or...
-
Analyst - Asia Security Operations Center
4 days ago
Mumbai, Maharashtra, India Jaguar Security Services Full time ₹ 1,04,000 - ₹ 1,30,878 per yearThe Asia Security Operations Center (ASOC) plays a crucial role in maintaining the safety and security of an organization's premises, assets, and personnel. This position involves monitoring security systems, responding to alarms and incidents, and effectively communicating with on-site security personnel, local POCs and emergency services as necessary.ASOC...
-
Information Security Consultant
4 weeks ago
Navi Mumbai, Maharashtra, India AKS IT Services Pvt Ltd Full timeRole: Information Security Consultant (L1/L2)Location: Mumbai/BangaloreJob Description :- Experience in implementation of ISO 27001: 2022 for any Client.- Experience in conducting Risk Assessment and Information Security Audits.- Experience in conducting Banking and Finance Comprehensive IS Audits.- Experience in documenting policies and procedures-...
-
Risk Executive
2 days ago
Mumbai, Maharashtra, India HIRINGHOUSE TECHNOLOGIES PVT LTD Full time ₹ 6,00,000 - ₹ 12,00,000 per yearKey Focus AreaRisk Assessment: Identify and evaluate financial, operational, and strategic risksReporting: Prepare risk reports and dashboards for management and compliance.Compliance Monitoring: Ensure adherence to regulatory and internal risk policies.Stakeholder Collaboration: Work with business units to understand and manage risks.Roles and...
-
Risk Analyst
4 weeks ago
Mumbai, Maharashtra, India Experian Full timeCompany DescriptionExperian is the world s leading global information services company We are listed on the London Stock Exchange EXPN and are a member of the FTSE 100 Index We re passionate about unlocking the power of data to transform lives and create opportunities for consumers businesses and society For more than 125 years we ve helped...