Information Security Risk Officer
7 hours ago
Department: Risk and Compliance
Employment Type: Permanent - Full Time
Location: Pune
Compensation: ₹11,500 - ₹18,000 / year
Description
We are seeking an Information Security Risk Officer with 3+ years of experience to join our second line of defence, providing independent oversight, challenge, and assurance of information security practices across the organisation. This role is critical in ensuring that information security risks are effectively identified, assessed, managed, and reported in alignment with regulatory requirements, ISO/IEC 27001 standards, and our enterprise risk management framework.
Reporting to the Group Head of Information Security, you will play a key role in evaluating the design and operational effectiveness of controls that safeguard our information systems and data. You will provide objective, risk-based assurance and contribute to continuous improvement across security governance, incident management, risk management, and compliance activities.
Working closely with stakeholders across IT, Risk, Legal, and Operations, you will help embed security into business processes and projects from the outset, ensuring a consistent and resilient approach to information protection.
This is a hands-on, business-facing role, ideal for someone who is passionate about enabling teams to operate securely while supporting the organisation's ability to move with agility and confidence. You'll thrive in a dynamic environment where pragmatic risk management and proactive engagement are key to driving secure business outcomes.
Key Responsibilities
- Develop and maintain organisational policies and standards, applying recognised standards (ISO/IEC
- Support review and tracking of information security risks, assessments, and treatment plans.
- Perform spot checks or sample testing on selected security controls.
- Escalate gaps and provide supporting evidence to senior management.
- Monitor incidents logged by 1LOD to ensure appropriate root cause analysis and lessons learned are completed.
- Track remediation activities through to closure.
- Assist in gathering evidence for ISO 27001 audits, regulatory assessments, and internal assurance reviews.
- Gather and prepare risk, compliance, and incident data for reporting.
- Escalate issues that require senior management judgement or intervention.
- Promote awareness of information security policies, standards, and risk management processes.
- Act as a liaison between 1LOD divisions and the Group Information Security function.
- In addition to the responsibilities listed, this role may be asked to perform other information security or risk-related activities in line with organisational priorities.
Skills, Knowledge & Expertise
Experience
- At least 3 years of hands-on experience in an information security or risk role.
- Understanding of information security and cyber risk frameworks (ISO 27001, NIST CSF, CIS).
- Practical experience in information security risk management, including risk assessments, control evaluation, and reporting.
- Drafting and maintaining documentation, including policies, standards, procedures, and guidance that align with security frameworks and regulatory requirements.
- Experience in a 2nd Line or audit/risk assurance role within a large or complex organisation is desirable.
Education
- A Bachelor's degree or higher in Information Security, Computer Science, or related field.
- Understanding of ISO 31000: Risk Management – Guidelines.
- Strong understanding of information security standards and frameworks, especially:
  - ISO/IEC implementation and audit)
  - NIST CSF
  - CIS Controls
- Security governance and compliance (e.g. policies, standards, procedures)
- Familiarity with IT infrastructure, cloud services, applications, and third-party supplier risks.
- Proficient in risk assessment methodology (identification, assessment, mitigation).
- Security incident response procedures.
- Regulatory and legal requirements such as:
  - GDPR
  - Data Protection Act (UK)
Skills
- Strong analytical, reporting, and communications skills.
- Clear and confident communicator, capable of translating complex security issues into language appropriate for both technical and non-technical stakeholders.
- Audit and compliance activities, contributing to the preparation, execution, and follow-up of internal and external audits.
- Able to contribute to the development, preparation, and delivery of security awareness training and educational materials to a diverse audience.
Ability
- To perform and document information security risk assessments.
- Collaborative team player, comfortable working with IT, Legal, HR, Risk, and operational teams.
- To lead small-scale initiatives and drive continuous improvement across security activities.
- Quick learner with a growth mindset, able to adapt and be flexible.
- Strong understanding of information security and cyber risk frameworks (ISO 27001, NIST CSF, CIS).
- Proven experience in information security and risk management.
- Excellent English communication skills (written and verbal).
Relevant professional certification(s) (at least one of the following):
- CRISC – Certified in Risk and Information Systems Control
- CISA – Certified Information Security Auditor
- ISO/IEC 27001 Lead Implementer/Auditor
- CISM – Certified Information Security