Senior Resource- Information Security

NB : "Recruiting for a scheduled commercial bank"

Job Title : Senior Resource – Information Security

Minimum 15 years in BFSI

Employment Type : Full-Time

Location – Thrissur

Job Summary :

We are looking for a highly skilled Deputy CISO – Information Security with at least 10 years of experience in BFSI to lead risk management, compliance, and security operations. The ideal candidate should have hands-on experience in designing and implementing banking security architecture, DC / DR, network security, and ensuring compliance with RBI, SEBI, UIDAI, and other regulatory bodies. Key Responsibilities :

• Develop & enforce security policies, procedures, and frameworks (NIST, ISO 27001, PCI DSS).
• Ensure regulatory compliance with RBI, SEBI, UIDAI, NPCI, ITGC, and risk management frameworks.
• Provide strategic direction and leadership in the planning, development, and implementation of enterprise-wide cybersecurity initiatives.
• Oversee the identification, assessment, and mitigation of cybersecurity risks, ensuring compliance with industry standards and regulations.
• Collaborate with cross-functional teams, including engineering, to integrate cybersecurity best practices into the design and implementation of new technologies and systems.
• Lead and manage a team of cybersecurity professionals, providing mentorship, guidance, and support to enhance the overall security posture of the organization.
• Conduct regular security assessments, audits, and penetration testing to identify vulnerabilities and weaknesses in the organization’s IT and OT infrastructure.
• Communicate effectively with senior management, board members, and other stakeholders to report on the organization’s cybersecurity posture, initiatives, and ongoing risk management efforts.
• Ensure compliance with relevant cybersecurity standards, regulations, and industry best practices, and participate in audits and compliance assessments as require
• Lead regulatory audits and collaborate with internal / external stakeholders.
• Conduct cyber drills to assess and improve incident response capabilities.
• Manage SIEM, DLP, XDR, SOC operations, and threat intelligence.
• Oversee DC / DR design & implementation, network & security architecture for banking systems.
• Ensure security of OS, applications, APIs, ATM / CARD, switch, BBPS, CBS, mobile apps, cloud security, DC / DR controls.
• Lead VA / PT (OWASP), third-party / vendor security audits, and risk assessments.
• Conduct security awareness programs and training for teams.
• Mentor and manage a team of 6-10 cybersecurity professionals, fostering a security-first culture
• Ensure compliance with SOC 2 audits and RBI regulations, particularly in the financial sector.
• Manage Governance, Risk, and compliance (GRC) processes and tools.
• Implement and manage Information Security Management System (ISMS) aligned with ISO 27001 / 27002 standards.

Education :

BTech / MCA / MTech in Computer Science, IT or related field.

Certifications (Preferred) :

ISO 27001 LA / LI, ISO 31000, CISA, CISM, CISSP, ITIL.

Qualifications & Skills