Talent.com
No longer accepting applications
▷ 15h Left! National Head – Information Security, Audit and Compliance

▷ 15h Left! National Head – Information Security, Audit and Compliance

Muthoot Fincorp Ltd.India
5 days ago
Job description

ROLE SUMMARY

The National Head of Information Security, Audit, and Compliance is responsible for organization’s information security governance, risk management, and compliance frameworks are robust, aligned with regulatory requirements, and continuously improved to mitigate risks and enhance security controls. The role will be responsible for overseeing and leading the organization's information security audit and compliance functions across all business units and regions.

The Head will be responsible for developing and executing a strategic audit plan for information security, ensuring adherence to industry standards (such as RBI and other relevant guidelines), and managing a team of skilled auditors. Additionally, the role involves driving operational governance related to information security and audit functions, enabling improvements in efficiency through robust compliance frameworks, and fostering a culture of security awareness and innovation within the team. The Head will focus on enhancing the skills and capabilities of the information security team while creating an environment that promotes high performance.

KEY RESPONSIBILITIES

Strategic Direction

  • Develop and implement a comprehensive information security audit strategy aligned with the organization’s business objectives, risk appetite, and regulatory requirements
  • Ensure the development and execution of the audit framework, annual audit plan / calendar, prioritizing audits based on risk assessments and business impact.

Risk & Compliance

  • Review and ensure that information security governance frameworks and policies are well-defined, communicated, and adhered to across MFL.
  • Oversee and ensure compliance with regulatory requirements, such as RBI guidelines, ISO 27001, PCI DSS, GDPR, and other relevant standards specific to the Non-Banking Financial Company (NBFC) sector.
  • Assess and evaluate the information security risk across business units and implement appropriate controls and mitigation strategies.
  • Lead end-to-end audits of the MFL’s IT systems, infrastructure, applications, and business processes, focusing on identifying security vulnerabilities, non-compliance issues, and gaps.
  • Evaluate the effectiveness of existing controls and security measures, providing recommendations for improvements.
  • Ensure periodic reviews of third-party vendors and service providers to ensure they comply with the company’s security standards and regulatory obligations.
  • Provide regular updates to the Board on risk and compliance matters, incorporating their feedback into the overall strategy and operational plan

    • Stakeholder Management & Reporting

  • Collaborate with various business units, including IT, Risk, Legal, and Compliance, to promote awareness and understanding of security audit findings and best practices.
  • Work with the business units and functions for ISO certification
  • Work with the external auditors, regulators, and other stakeholders to ensure alignment on compliance-related issues.
  • Prepare and present audit reports, findings, and recommendations to senior management and quarterly to the Audit Committee.

    • Operational Excellence

  • Leverage information security practices effectively while driving innovation for efficiency improvements, ensuring that compliance considerations remain central to all initiatives
  • Lead efforts to enhance security and compliance across all existing and future products, services, and processes to maintain a competitive advantage
  • Develop and lead training programs to enhance awareness and understanding of security and compliance within the organization.
  • Drive the continuous improvement of information security policies, procedures, and audit methodologies, ensuring they remain relevant and effective in addressing emerging risks.

    • Team management and capability development

  • Develop clear goals for the compliance team and facilitate alignment with broader organizational objectives, regularly reviewing team performance and providing constructive feedback
  • Identify training needs and implement capability-building programs that empower teams to excel and adapt to the evolving regulatory landscape
  • Foster a culture of collaboration, accountability, and excellence within the team

    • KEY CHALLENGES

  • Driving awareness and building an environment where audit is considered as a priority
  • Internal pace of working and slow pace of approvals

    • KEY DECISIONS TAKEN

  • Sign off on the IS Audit before sharing with Audit Committee
  • Recommendations across business with respect to risk and compliance in reference to information security

    • KEY INTERACTIONS

    Internal Stakeholders

    External Stakeholders

    Audit Committee : Present audit findings to the committee every quarter

    Senior Leadership : Provide insights on the key findings from the audits conducts and gaps identified

    All functional heads to seek alignment on the audit process and ensure compliance as per set standards

    Vendors Audit Partners – Provide necessary support to carry out auditing process

    Regulatory Authorities such as RBI to ensure compliance with external regulations and directives

    KEY ROLE DIMENSIONS

    Team Size : 2 direct reports

    EDUCATION / EXPERIENCE

    Minimum Qualification :

    Bachelor’s or Master’s degree in Computer Science, Information Security, Audit, Risk Management, Business Management or a related field.

    Nature of Experience :

  • At least 12-15 years of proven experience in information security, audit, risk management, and compliance, with at least 5 years in a leadership role in BFSI or NBFC.
  • Strong background in compliance frameworks, risk management, and security strategy.
  • Professional certifications such as CISA (Certified Information Systems Auditor), CISSP (Certified Information Systems Security Professional), or equivalent are highly desirable.
  • Proven track record in implementing effective security solutions that enhance operational efficiency and ensure regulatory compliance.
  • In-depth knowledge of regulatory frameworks, standards, and best practices for information security (e.g., RBI Guidelines, ISO 27001, NIST, GDPR).
  • Strong background in conducting internal audits related to information security, risk management, and IT governance within the financial services or NBFC sector.
  • Proven track record of successfully leading audits, driving compliance, and implementing corrective actions.
  • Strong understanding of the information security landscape, including risk management, vulnerability management, incident response, data protection, and business continuity planning.
  • Experience with tools and technologies used for security auditing and vulnerability assessment.
  • Excellent communication and interpersonal skills, with the ability to interact with senior management, regulators, and external auditors.
  • High degree of integrity, professionalism, and ethical standards.
  • Strong analytical and problem-solving skills.
  • Ability to handle multiple priorities and work under pressure to meet deadlines.
  • Strong leadership and team management skills, with a collaborative approach to achieving organizational objectives.
    • Create a job alert for this search

    Information Security • India

    Related jobs
    • Promoted
    Security & Compliance IT Specialist / Engineer

    Security & Compliance IT Specialist / Engineer

    aecc - digital innovation hubNagpur, IN
    Support the organisation’s security posture through monitoring, incident response coordination, and compliance activities. Work closely with IT operations, engineering, and leadership to ensure syst...Show moreLast updated: 6 days ago
    • Promoted
    Lead Security Engineer

    Lead Security Engineer

    ArcanaNagpur, IN
    As our Lead Security Engineer, you'll own and elevate Arcana's overall security posture - cloud, on-prem, and everything in between. You'll design and enforce policies, automate controls, and harden...Show moreLast updated: 30+ days ago
    • Promoted
    IT Plant Head

    IT Plant Head

    Maxis Clinical SciencesNagpur, IN
    Plant IT Head (Leading Pharma MNC).Formulations & API Manufacturing Plant.This Job Role will be a part of Plant IT and Responsible for Heading the overall IT Infra, Applications & Systems for the P...Show moreLast updated: 30+ days ago
    • Promoted
    Head of Enterprise Security

    Head of Enterprise Security

    Exela TechnologiesPune, Republic Of India, IN
    The Chief Information Security Officer (CISO) is a strategic executive responsible for the vision, leadership, and execution of the company's global information security program.This role will safe...Show moreLast updated: 26 days ago
    • Promoted
    Infrastructure Project Manager

    Infrastructure Project Manager

    AkkodisNagpur, IN
    Manage IT infrastructure projects, with a focus on network technologies and datacenter management.Lead and coordinate datacenter moves, migrations, and implementation projects.Ensure compliance wit...Show moreLast updated: 30+ days ago
    • Promoted
    Technical Architecture Manager

    Technical Architecture Manager

    Client of SinclusNagpur, IN
    JOB OPENING – TECHNICAL MANAGER (ARCHITECTURE).High Rise Building Construction.Construction company engaged in.Architectural design coordination. Hands-on experience managing design consultants, con...Show moreLast updated: 6 days ago
    • Promoted
    Practice Unit Head- Security Awareness

    Practice Unit Head- Security Awareness

    EC-Councilnagpur, maharashtra, in
    Job Title – Practice Unit Head- Security Awareness.EC-Council is the world’s largest cyber security technical certification body. We operate in 145 countries globally and we are the owner and develo...Show moreLast updated: 6 days ago
    • Promoted
    US HUD Auditor

    US HUD Auditor

    AKM GlobalNagpur, IN
    We are seeking a detail-oriented and experienced audit professional with 2+ years of hands-on experience in.Low-Income Housing Tax Credit (LIHTC) Audits. The ideal candidate will have a strong under...Show moreLast updated: 16 days ago
    • Promoted
    Head of Sales

    Head of Sales

    AviateNagpur, IN
    At Humantic AI, our mission is to humanize the internet.Our product is at the cutting-edge of AI, Psychology and large-scale data. We believe that we have an opportunity (and even a responsibility) ...Show moreLast updated: 30+ days ago
    • Promoted
    Lead

    Lead

    BristleconeNagpur, IN
    Business Process Lead – Manufacturing (MFG).Bristlecone, a Mahindra company, is a leading supply chain and business analytics advisor, rated by Gartner as one of the top ten system integrators in t...Show moreLast updated: 15 days ago
    • Promoted
    SITA - Lead Specialist - Information Security

    SITA - Lead Specialist - Information Security

    SITA INFORMATION NETWORKING COMPUTING INDIAIndia
    About the job : Overview : WELCOME TO SITA : We're the team that keeps airports moving, airlines flying smoothly, and borders ...Show moreLast updated: 30+ days ago
    • Promoted
    Head of Engineering

    Head of Engineering

    RecruinNagpur, IN
    As Head of Engineering, you will be the driving force behind the technology roadmap, team.You’ll lead protocol design, smart contract. DevSecOps, and architecting high-performance, secure.You will d...Show moreLast updated: 16 days ago
    • Promoted
    IT Operations Lead

    IT Operations Lead

    aecc - digital innovation hubNagpur, IN
    The IT Head will lead the organisation’s IT operations, ensuring seamless technology support, reliable infrastructure, and efficient vendor management. This role is responsible for driving operation...Show moreLast updated: 6 days ago
    • Promoted
    • New!
    Head – Global Service Delivery (LR / MAH & Reg Operations)

    Head – Global Service Delivery (LR / MAH & Reg Operations)

    vueverse.Nagpur, IN
    Head of Global Service Delivery (Remote).Medical Devices, Pharmaceuticals, and Consumer Goods.The role oversees diverse service lines —. Legal Representation (LR / MAH / US Agent), Regulatory Operations...Show moreLast updated: 15 hours ago
    • Promoted
    L3 Server Engineer – Major Incident Management

    L3 Server Engineer – Major Incident Management

    Nextbridge IT SolutionsNagpur, IN
    Nextbridge IT Solutions is a US-based IT solution firm specializing in connecting exceptional talent with organizations driving transformation in infrastructure, cloud, and emerging technologies.We...Show moreLast updated: 30+ days ago
    • Promoted
    Sr. Lead - Cloud Security

    Sr. Lead - Cloud Security

    Sycamore Informatics Inc.Nagpur, IN
    Cloud security framework; Strong scripting skills with PowerShell and.Solid understanding of version control tools, particularly Git. Experience with cloud platforms, including AWS, Azure and GCP.Pr...Show moreLast updated: 30+ days ago
    Information Security Manager

    Information Security Manager

    MonetaGo Asia Pacific Private LimitedIN
    Quick Apply
    Educational Qualifications : Certifications : Professional certifications such as Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certified ...Show moreLast updated: 30+ days ago
    • Promoted
    Security Engineer (Detection and Response)

    Security Engineer (Detection and Response)

    FoodsmartNagpur, IN
    Foodsmart is the leading telenutrition and foodcare solution, backed by a robust network of Registered Dietitians.Our platform is designed to foster healthier food choices, drive lasting behavior c...Show moreLast updated: 14 days ago