Talent.com
No longer accepting applications
Chief Information Security Officer (CISO) - Indian BFSI - 15 years+

Chief Information Security Officer (CISO) - Indian BFSI - 15 years+

datavrutiNagpur, IN
4 days ago
Job description

Job Title : Chief Information Security Officer (CISO)

Location : Mumbai - Work From Office

Reporting To : Chief Risk Officer (with dual reporting to Board Risk / Audit Committee)

Sector : General Insurance

Experience : 15+ years in Information Security with leadership exposure in BFSI, ideally Insurance or FinTech

Salary : 50LPA+ based on fitment

Role Overview

  • The Chief Information Security Officer (CISO) will define and implement the company’s end-to-end Information Security framework, ensuring secure design, regulatory readiness, and operational resilience as the company moves from 0 to 1.
  • This is a strategic yet hands-on leadership role, ideal for someone who has managed security at scale in a regulated BFSI / Insurance environment, and now wants to build a secure-by-design foundation for a cloud-native, API-driven, AI-powered insurance platform.
  • The CISO will anticipate and pre-empt risks by leveraging prior experience, ensuring that the company’s technology-led innovation is always backed by enterprise-grade security and compliance discipline.

Key Responsibilities

1. Information Security Strategy & Governance

  • Define and implement the enterprise-wide Information Security strategy, encompassing governance, risk management, data protection, and cybersecurity.
  • Establish security policies, frameworks, and control baselines in alignment with IRDAI, CERT-In, ISO 27001, and DPDP Act.
  • Build a scalable ISMS (Information Security Management System) from the ground up.

    • 2. Cloud, Application & API Security

  • Review and work with engineering teams to develop secure architecture design for cloud-native systems, APIs, and microservices.
  • Review implemented automated controls for containerized and serverless environments.
  • Ensure security by design is baked into engineering processes through DevSecOps practices and CI / CD pipelines.

    • 3. Cybersecurity Operations & Threat Management

  • Set up and oversee Security Operations (SOC), including SIEM, SOAR, and vulnerability management.
  • Build detection and response capability tailored for API-driven, AI-heavy applications.
  • Lead threat intelligence, incident response, and post-incident reviews.

    • 4. AI & Data Security

  • Develop frameworks for secure and responsible AI / ML model governance, including data lineage, model access control, and risk mitigation for bias and data leakage.
  • Protect customer and training data in compliance with DPDP and data residency norms.

    • 5. Regulatory & Compliance Management

  • Ensure readiness for IRDAI cyber security and IT governance audits.
  • Collaborate with Compliance and Legal teams for ongoing adherence to regulatory reporting and certifications (ISO 27001, SOC 2, etc.).
  • Build documentation and audit trails for pre-emptive compliance.

    • 6. Third-Party & Ecosystem Security

  • Design and enforce Third-Party Risk Management (TPRM) framework for partners, TPAs, technology vendors, and data processors.
  • Conduct due diligence and continuous monitoring of vendor security posture.

    • 7. Business Continuity & Resilience

  • Establish cloud-native BCP / DR plans, aligned with IRDAI requirements.
  • Lead incident and crisis management drills to validate resilience under simulated failures.

    • 8. Security Culture & Awareness

  • Foster a security-first culture across engineering, product, and operations teams.
  • Conduct awareness programs, red / blue team simulations, and executive security workshops.

    • 9. Leadership & Board Engagement

  • Advise leadership and Board Risk / Audit Committee on key threats, mitigation strategies, and regulatory posture.
  • Build and mentor an internal security team capable of scaling with the business.

    • Desired Profile

  • 15+ years in Information Security, with at least 5 years in senior InfoSec roles at Insurance, NBFC, Bank, or FinTech.
  • Experience securing cloud-native, API-driven, or AI / ML-intensive platforms.
  • Strong grasp of IRDAI, CERT-In, DPDP Act, and global security standards.
  • Proven ability to design and operationalize security frameworks from zero, while ensuring future scalability.
  • Strong collaboration with Product, Engineering, and Risk teams.

    • Qualifications / Certifications

  • Bachelor’s or Master’s degree in Computer Science, Cybersecurity, or related field.
  • Preferred certifications : CISSP, CISM, CCSP, ISO 27001 LA, AWS Security Specialty, CRISC.
  • Familiarity with frameworks like NIST CSF, Zero Trust Architecture, and OWASP API Security Top 10.

    • Key Behavioural Attributes

  • Strategic foresight backed by operational pragmatism.
  • Startup agility with an enterprise governance mindset.
  • Strong executive presence and regulatory confidence.
  • Builder-leader who can “set up from scratch” yet think “at scale.”
  • Ethical, transparent, and decisive under pressure.
    • Create a job alert for this search

    Information Security • Nagpur, IN

    Related jobs
    • Promoted
    Chief Technology Officer

    Chief Technology Officer

    SlayrobeIndia, India
    Slayrobe is India’s first styling and confidence ecosystem built at the intersection of fashion, psychology, and AI — decoding how women make everyday style decisions. With 10,000+ users, paying sub...Show moreLast updated: 2 days ago
    • Promoted
    Senior Cloud Engineer

    Senior Cloud Engineer

    AptonetNagpur, IN
    Senior Cloud Developer – Offshore (India | Remote).Contract Role | Multi-Cloud Security Projects | Cutting-Edge AI & Automation. This role offers the opportunity to work on.Python preferred; also Ja...Show moreLast updated: 24 days ago
    • Promoted
    Illumio- Zero Trust Microsegmentation

    Illumio- Zero Trust Microsegmentation

    CareerXperts ConsultingNagpur, IN
    Hiring : Manager - Zero Trust Microsegmentation.Bengaluru | 💼 5+ Years Experience.Lead Illumio microsegmentation implementations. Design & deploy Zero Trust policies.Analyze network infrastructure &...Show moreLast updated: 4 days ago
    • Promoted
    Cyble - GRC Lead - Information Security

    Cyble - GRC Lead - Information Security

    Cyble, India
    About Cyble : - Cyble is revolutionizing the landscape of cybersecurity intelligence.Founded in 2019, Cyble began as a visionary college project and has quickly transformed into...Show moreLast updated: 6 days ago
    • Promoted
    SailPoint ISC Developer

    SailPoint ISC Developer

    TechDemocracyNagpur, IN
    SailPoint Identity Security Cloud (ISC) Developer.The ideal candidate will have hands-on experience with SailPoint ISC (IdentityNow), including configuration, customization, workflow design, and in...Show moreLast updated: 14 days ago
    • Promoted
    Chief of Staff

    Chief of Staff

    Stringer JournalismNagpur, IN
    Chief of Staff (Founding Hire).The Stringer Foundation is an early-stage nonprofit founded by award-winning journalist, Yale graduate, and ex-McKinsey consultant. The Stringer Foundation funds and s...Show moreLast updated: 11 days ago
    • Promoted
    Chief Information Security Officer

    Chief Information Security Officer

    ConfidentialIndia
    TransFi powers the world's payments, helping businesses and individuals access better ways to.Combining industry-leading coverage of currencies and payment methods, we. Asia, Europe, LatAm, Africa, ...Show moreLast updated: 30+ days ago
    • Promoted
    INFOR XA / Mapics

    INFOR XA / Mapics

    Programmers.ioNagpur, IN
    IO is actively seeking talented individuals who are skilled in IBMi and Infor XA / Mapics.If you're looking for a flexible work environment that allows you to contribute from anywhere, we want to hea...Show moreLast updated: 30+ days ago
    • Promoted
    • New!
    Head of Information Technology

    Head of Information Technology

    Talent Zone ConsultantNagpur, Maharashtra, India
    We’re Hiring : Head of Software Engineering – India / remote.We are looking for an experienced technology leader to head our software engineering team in India. The ideal candidate will bring a strong ...Show moreLast updated: 15 hours ago
    • Promoted
    Oracle Cloud Security and Risk Management (RMC) Consultant

    Oracle Cloud Security and Risk Management (RMC) Consultant

    AtomNagpur, IN
    Job Title : Oracle Cloud Security and Risk Management (RMC) Consultant.We are seeking an experienced Oracle Cloud Security and Risk Management (RMC) Consultant to join our team.The ideal candidate w...Show moreLast updated: 30+ days ago
    • Promoted
    SOC / NOC Team Lead (Tier-2) – MSSP Operations (India-Based, Full-Time)

    SOC / NOC Team Lead (Tier-2) – MSSP Operations (India-Based, Full-Time)

    Symosis SecurityNagpur, IN
    Symosis is a cybersecurity consulting firm purpose-built for the AI-native, cloud-first era.We help public-sector and enterprise clients mature their security operations through managed services, o...Show moreLast updated: 14 days ago
    • Promoted
    Data & AI Engineer – Cyber Risk Intelligence Platform – India / Remote

    Data & AI Engineer – Cyber Risk Intelligence Platform – India / Remote

    Quantara AINagpur, IN
    Remote
    Data & AI Engineer – Cyber Risk Intelligence Platform – India.Quantara AI is a next-generation.Cyber Risk Intelligence and Governance. CISOs, Boards, and executive teams.Our AI-powered solution comb...Show moreLast updated: 2 days ago
    • Promoted
    Head – Yield Management System

    Head – Yield Management System

    Tata ElectronicsNagpur, IN
    Tata Electronics Private Limited (TEPL) is a greenfield venture of the Tata Group with expertise in manufacturing precision components. Tata Electronics (a wholly owned subsidiary of Tata Sons Pvt.I...Show moreLast updated: 30+ days ago
    • Promoted
    Sr. Lead - Cloud Security

    Sr. Lead - Cloud Security

    Sycamore Informatics Inc.Nagpur, IN
    Cloud security framework; Strong scripting skills with PowerShell and.Solid understanding of version control tools, particularly Git. Experience with cloud platforms, including AWS, Azure and GCP.Pr...Show moreLast updated: 30+ days ago
    • Promoted
    Lead IT Security Architect - SIEM

    Lead IT Security Architect - SIEM

    MNR SolutionsIndia
    Designation : Lead IT Security Architect Experience : 10-15 Years Location : Pune, India Show moreLast updated: 30+ days ago
    • Promoted
    • New!
    (Immediate joiners only)Senior Cybersecurity SOC Engineer – Threat Hunting & Incident Response

    (Immediate joiners only)Senior Cybersecurity SOC Engineer – Threat Hunting & Incident Response

    Triune Infomatics IncNagpur, Maharashtra, India
    Role : Senior Cybersecurity SOC Engineer – Threat Hunting & Incident Response Working Hours : Monday to Friday, 9 AM – 5 PM PST (U. Business Hours) Reporting To : Security Operations (SecOps) Leader – ...Show moreLast updated: 15 hours ago
    • Promoted
    ASIC Verification Lead

    ASIC Verification Lead

    eInfochips (An Arrow Company)Nagpur, IN
    Job Locations : Bangalore / Hyderabad / Ahmedabad / Chennai (WORK FROM OFFICE ONLY).NO WORK FROM HOME OR REMOTE WORK).Best In Class Employee Welfare Practices. Cutting Edge, Full Chip ODC Projects.Higher ...Show moreLast updated: 30+ days ago
    • Promoted
    DevOps Architect -India (Remote)

    DevOps Architect -India (Remote)

    Connect Tech+TalentNagpur, IN
    Remote
    Not from Infrastructure side – Need Devops person.Must have prior experience working at one or more of the following companies' payroll / project is required : Microsoft, Oracle, SAP, Adobe, Salesforc...Show moreLast updated: 5 days ago