Talent.com
Chief Information Security Officer (CISO) - Indian BFSI - 15 years+

Chief Information Security Officer (CISO) - Indian BFSI - 15 years+

datavrutiMangalore, IN
10 hours ago
Job description

Job Title : Chief Information Security Officer (CISO)

Location : Mumbai - Work From Office

Reporting To : Chief Risk Officer (with dual reporting to Board Risk / Audit Committee)

Sector : General Insurance

Experience : 15+ years in Information Security with leadership exposure in BFSI, ideally Insurance or FinTech

Salary : 50LPA+ based on fitment

Role Overview

  • The Chief Information Security Officer (CISO) will define and implement the company’s end-to-end Information Security framework, ensuring secure design, regulatory readiness, and operational resilience as the company moves from 0 to 1.
  • This is a strategic yet hands-on leadership role, ideal for someone who has managed security at scale in a regulated BFSI / Insurance environment, and now wants to build a secure-by-design foundation for a cloud-native, API-driven, AI-powered insurance platform.
  • The CISO will anticipate and pre-empt risks by leveraging prior experience, ensuring that the company’s technology-led innovation is always backed by enterprise-grade security and compliance discipline.

Key Responsibilities

1. Information Security Strategy & Governance

  • Define and implement the enterprise-wide Information Security strategy, encompassing governance, risk management, data protection, and cybersecurity.
  • Establish security policies, frameworks, and control baselines in alignment with IRDAI, CERT-In, ISO 27001, and DPDP Act.
  • Build a scalable ISMS (Information Security Management System) from the ground up.

    • 2. Cloud, Application & API Security

  • Review and work with engineering teams to develop secure architecture design for cloud-native systems, APIs, and microservices.
  • Review implemented automated controls for containerized and serverless environments.
  • Ensure security by design is baked into engineering processes through DevSecOps practices and CI / CD pipelines.

    • 3. Cybersecurity Operations & Threat Management

  • Set up and oversee Security Operations (SOC), including SIEM, SOAR, and vulnerability management.
  • Build detection and response capability tailored for API-driven, AI-heavy applications.
  • Lead threat intelligence, incident response, and post-incident reviews.

    • 4. AI & Data Security

  • Develop frameworks for secure and responsible AI / ML model governance, including data lineage, model access control, and risk mitigation for bias and data leakage.
  • Protect customer and training data in compliance with DPDP and data residency norms.

    • 5. Regulatory & Compliance Management

  • Ensure readiness for IRDAI cyber security and IT governance audits.
  • Collaborate with Compliance and Legal teams for ongoing adherence to regulatory reporting and certifications (ISO 27001, SOC 2, etc.).
  • Build documentation and audit trails for pre-emptive compliance.

    • 6. Third-Party & Ecosystem Security

  • Design and enforce Third-Party Risk Management (TPRM) framework for partners, TPAs, technology vendors, and data processors.
  • Conduct due diligence and continuous monitoring of vendor security posture.

    • 7. Business Continuity & Resilience

  • Establish cloud-native BCP / DR plans, aligned with IRDAI requirements.
  • Lead incident and crisis management drills to validate resilience under simulated failures.

    • 8. Security Culture & Awareness

  • Foster a security-first culture across engineering, product, and operations teams.
  • Conduct awareness programs, red / blue team simulations, and executive security workshops.

    • 9. Leadership & Board Engagement

  • Advise leadership and Board Risk / Audit Committee on key threats, mitigation strategies, and regulatory posture.
  • Build and mentor an internal security team capable of scaling with the business.

    • Desired Profile

  • 15+ years in Information Security, with at least 5 years in senior InfoSec roles at Insurance, NBFC, Bank, or FinTech.
  • Experience securing cloud-native, API-driven, or AI / ML-intensive platforms.
  • Strong grasp of IRDAI, CERT-In, DPDP Act, and global security standards.
  • Proven ability to design and operationalize security frameworks from zero, while ensuring future scalability.
  • Strong collaboration with Product, Engineering, and Risk teams.

    • Qualifications / Certifications

  • Bachelor’s or Master’s degree in Computer Science, Cybersecurity, or related field.
  • Preferred certifications : CISSP, CISM, CCSP, ISO 27001 LA, AWS Security Specialty, CRISC.
  • Familiarity with frameworks like NIST CSF, Zero Trust Architecture, and OWASP API Security Top 10.

    • Key Behavioural Attributes

  • Strategic foresight backed by operational pragmatism.
  • Startup agility with an enterprise governance mindset.
  • Strong executive presence and regulatory confidence.
  • Builder-leader who can “set up from scratch” yet think “at scale.”
  • Ethical, transparent, and decisive under pressure.
    • Create a job alert for this search

    Information Security • Mangalore, IN

    Related jobs
    • Promoted
    • New!
    CISCO ACI

    CISCO ACI

    Innova ESIMangalore, IN
    Location Preference : Pan India.Expertise in upgrading and managing code, image, firmware, bootstrap programs, software and security patches for a wide range of Network devices, including physical ...Show moreLast updated: 4 hours ago
    • Promoted
    SOC / NOC Team Lead (Tier-2) – MSSP Operations (India-Based, Full-Time)

    SOC / NOC Team Lead (Tier-2) – MSSP Operations (India-Based, Full-Time)

    Symosis SecurityMangalore, IN
    Symosis is a cybersecurity consulting firm purpose-built for the AI-native, cloud-first era.We help public-sector and enterprise clients mature their security operations through managed services, o...Show moreLast updated: 10 days ago
    • Promoted
    • New!
    Cyber Security (SOC) - Team Lead

    Cyber Security (SOC) - Team Lead

    Sanganan IT Solutions Pvt Ltd.Mangalore, IN
    Team Lead - Security Operations Center (SoC).WORK FROM NOIDA OFFICE, PLEASE DON'T APPLY IF YOU ARE LOOKING FOR HYBRID OR WORK FROM HOME. Short notice period or immediate joiners are preferred.As the...Show moreLast updated: 4 hours ago
    • Promoted
    CISCO Network data

    CISCO Network data

    LTIMindtreeMangalore, IN
    Job Title - CISCO Network data.Cisco Routing & Switching (with OSPF & BGP as must).Secondary Skills - Any below two skills is must. Firewalls (any, preferrably Palo Alto).DDI (any, preferrably Infob...Show moreLast updated: 30+ days ago
    • Promoted
    • New!
    Microsoft Enterprise Mobility & Security

    Microsoft Enterprise Mobility & Security

    Cubical Operations LLPMangalore, IN
    Microsoft EMS / Entra ID / Intune Engineer.We are seeking a skilled IT professional with hands-on experience in.Microsoft Enterprise Mobility & Security (EMS). The ideal candidate will be responsibl...Show moreLast updated: 4 hours ago
    • Promoted
    Sr. Lead - Cloud Security

    Sr. Lead - Cloud Security

    Sycamore Informatics Inc.Mangalore, IN
    Cloud security framework; Strong scripting skills with PowerShell and.Solid understanding of version control tools, particularly Git. Experience with cloud platforms, including AWS, Azure and GCP.Pr...Show moreLast updated: 30+ days ago
    • Promoted
    • New!
    Head Information Technology | One of the leading university in South India

    Head Information Technology | One of the leading university in South India

    FyndBridge Consultants & AdvisorsMangalore, IN
    We are hiring for one of our reputed client in Higher education.The Director – IT is a senior leadership role responsible for driving the Information Technology and Knowledge Management strategy.As...Show moreLast updated: 4 hours ago
    • Promoted
    • New!
    IT Security & Compliance Lead

    IT Security & Compliance Lead

    GenpactMangalore, IN
    IT Security, Compliance and Administration the Security / Compliance Analyst works in compliance with all written and approved policies, rules and regulations. This also includes the review and audit ...Show moreLast updated: 4 hours ago
    • Promoted
    • New!
    Chief Operating Officer (COO-Aerospace)

    Chief Operating Officer (COO-Aerospace)

    Msa Global Technology and Engineering Pvt LtdMangalore, IN
    MSA Global Technology & Engineering Pvt.Class A and mission-critical aero engine and aero structure components.Our clients include global OEMs and Tier-1 suppliers such as GE India, IAMPL, Dynamati...Show moreLast updated: 4 hours ago
    • Promoted
    Senior Infrastructure Security & Compliance Engineer

    Senior Infrastructure Security & Compliance Engineer

    People Prime WorldwideMangalore, IN
    Our client is a global digital solutions and technology consulting company headquartered in Mumbai, India.The company generates annual revenue of over $4. It has a workforce of around 86,000 profess...Show moreLast updated: 30+ days ago
    • Promoted
    • New!
    Senior Network Security Engineer

    Senior Network Security Engineer

    GrowwMangalore, IN
    We are a passionate group of people focused on making financial services accessible to every Indian through a multi-product platform. Each day, we help millions of customers take charge of their fin...Show moreLast updated: 4 hours ago
    • Promoted
    IT / Computer security Analyst as Admin Executive

    IT / Computer security Analyst as Admin Executive

    KMM Infotech Solutions Private LimitedMangalore, IN
    Job Title : IT / Computer Security Analyst as Admin Executive.We are seeking a proactive, detail-oriented .Security Consultant in driving key security initiatives across the organization.This role i...Show moreLast updated: 30+ days ago
    • Promoted
    • New!
    International Project Manager

    International Project Manager

    SII Group IndiaMangalore, IN
    International Project Manager Cybersecurity (F / M) - Noida, SII India.Bengaluru, Karnataka, India (Hybrid).International Project Manager Cyber Security (F / M). Reporting to the Director of the subsidi...Show moreLast updated: 4 hours ago
    • Promoted
    AWS Cloud Security Engineer

    AWS Cloud Security Engineer

    ValueMomentumMangalore, IN
    AWS cloud security, IAM & governance, Secrets management, Incident detection, response & remediation in cloud environments, Scripting / automation (Python / Shell), AWS networking fundamentals, CI / CD...Show moreLast updated: 30+ days ago
    • Promoted
    Oracle Cloud Security and Risk Management (RMC) Consultant

    Oracle Cloud Security and Risk Management (RMC) Consultant

    AtomMangalore, IN
    Job Title : Oracle Cloud Security and Risk Management (RMC) Consultant.We are seeking an experienced Oracle Cloud Security and Risk Management (RMC) Consultant to join our team.The ideal candidate w...Show moreLast updated: 30+ days ago
    • Promoted
    • New!
    Security Manager

    Security Manager

    Derewala Industries LimitedMangalore, IN
    Derewala is a name synonymous with innovation, sustainability, and quality in the world of jewelry manufacturing.With cutting-edge technology and a global clientele, we are committed to creating ti...Show moreLast updated: 4 hours ago
    • Promoted
    (Immediate joiners only)Senior Cybersecurity SOC Engineer – Threat Hunting & Incident Response

    (Immediate joiners only)Senior Cybersecurity SOC Engineer – Threat Hunting & Incident Response

    Triune Infomatics Incmangalore, karnataka, in
    Role : Senior Cybersecurity SOC Engineer – Threat Hunting & Incident Response.Working Hours : Monday to Friday, 9 AM – 5 PM PST (U. Reporting To : Security Operations (SecOps) Leader – USA.We are seeki...Show moreLast updated: 30+ days ago
    • Promoted
    Senior Information Technology Audit Manager

    Senior Information Technology Audit Manager

    Bahwan CyberTekMangalore, IN
    Role : Information Technology Auditor.We are seeking a highly experienced and motivated.Information Technology Auditor.Group Internal Audit team of BCT. This role requires a minimum of 12 years of ex...Show moreLast updated: 25 days ago