Chief Information Security Officer

Job Title

Chief Information Security Officer (CISO) – Representative Office Gazprombank

Location

New Delhi, India (with travel across Indian operations and coordination with international headquarters as required)

Company Description

Gazprombank (JSC)
, established in
1990
, is one of
Russia's top three banks
by assets and capital. Founded as a strategic financial partner to
Gazprom
, the bank has grown into a
leading universal financial institution
, offering a full range of
corporate, retail, and investment banking services
.

Gazprombank serves over
5.7 million individual
and
45,000 corporate clients
, with total assets of about
RUB 17 trillion
and a
net profit of RUB 195 billion (FY 2024)
. Headquartered in
Moscow
, it operates a broad branch network in Russia and international representative offices, maintaining a reputation for
reliability, innovation, and global collaboration
.

Job Summary

The CISO will lead and oversee the enterprise-wide information security strategy, governance, risk management, compliance and operational security for the Indian branch of our bank. This role involves working closely with the executive management team (including global HQ in Russia), board/oversight committees, business units, IT, audit and regulatory authorities.

Key Responsibilities:

• Develop, maintain and drive the information security vision, framework, policies and programmes aligned with both Indian regulatory requirements (e.g., for banking/financial services) and the global standards of the parent bank.
• Oversee risk assessment, threat intelligence, incident response (cyber-security, data breaches, etc.), business continuity/disaster recovery (BCP/DR) and third-party / vendor risk management.
• Ensure compliance with relevant Indian regulations (including for banks/financial institutions) and align with global banking group requirements.
• Report to senior leadership (CIO/CEO/Board) on security posture, major incidents, metrics, budget, investments, and improvement initiatives.
• Build and lead a strong security team in India, coordinate with global security teams at Russian HQ, and act as key liaison for global/regional audits and assurance.
• Promote security awareness, training and culture throughout the organisation.
• Evaluate and recommend security technologies, architecture, controls and best-practices; lead implementation of improvements.

Eligibility & Educational Requirements

Education:

• Minimum: Full-time Bachelor's degree in Engineering (e.g., Computer Science, Information Technology, Electronics & Communications, Electrical & Electronics)
  or
  a Bachelor's in Computer Applications (BCA) /
  equivalent recognized degree
  from an Indian university or a recognised institute.
• Preferred: Master's degree in Computer Science / Information Technology / Cyber Security / Information Assurance or an MBA with a strong IT or security focus.
• Mandatory professional/security certifications: must hold at least one of the following (or equivalent globally-recognized):
• Certified Information Systems Security Professional (CISSP)
• Certified Information Security Manager (CISM)
• Certified Information Systems Auditor (CISA)
• Certified Chief Information Security Officer (CCISO)
• Other relevant advanced certifications in cyber security, risk, cloud security, etc. are a plus.

Experience:

• Minimum 12 to 15 years of relevant professional experience in IT / Information Security, of which a significant portion (say at least 5-8 years) must be in senior management leadership roles (Head/Director/VP level) in cybersecurity, preferably in the Banking/Financial Services/Insurance (BFSI) sector or large financial organisations.
• Demonstrated experience in developing and implementing information security strategies, incident response, regulatory compliance, vendor risk, BCP/DR and security operations at an enterprise level.
• Experience working with large distributed operations, multi-geography exposure, and interfacing with senior leadership/board. Experience in global or cross-border organisations (especially with parent/sister companies abroad) is advantageous given the Russian HQ link.
• Preferable exposure to Indian banking regulatory environment, domestic & international security standards (e.g., ISO 27001, NIST, RBI guidelines) and audit/assurance frameworks.

Age / Other Considerations:

• Upper age limit: 55 years (or as per internal policy) is considered suitable given the seniority of the role.
• Strong leadership, communication, board-level stakeholder management, strategic thinking, business acumen and fluency (English + optional knowledge of Russian or familiarity with the Russian cultural/business context) is a considerable plus.

Competencies & Attributes

• Strategic thinker who can translate business objectives into security programmes.
• Deep technical knowledge of security architecture, operations, cloud security, network & application security, incident response, threat intelligence.
• Business acumen: ability to communicate security risks in business language, partner with business units, manage budgets.
• Regulatory & audit mindset: familiar with compliance, risk frameworks, reporting to regulators and global governance.
• Leadership & team-building: ability to lead, mentor, define culture, manage cross-functional teams (India & HQ).
• Global mindset: ability to work within a multinational setting (Russian bank HQ + Indian operations), sensitivity to cross-cultural collaboration.
• Excellent communication skills, ability to interact with senior leadership, boards, audit committees.

Why Join Us

• Unique opportunity to lead the security function of the Indian branch of a global Russian bank — high visibility, strategic impact and global exposure.
• Chance to build and lead the security roadmap, shape culture, align with global and local operations.
• Great platform for career growth and cross-border collaboration.

Application Process:

Please send your detailed CV along with a cover letter summarising your key accomplishments in information security, bridge between technology & business, and any global/cross-border experience to: by 10/12/2025. Please indicate current CTC, expected CTC, notice period and list of major certifications.