Talent.com
No longer accepting applications
IT CYBER SECURITY (CISO)

IT CYBER SECURITY (CISO)

Banking client if New Era IndiaAmravati, IN
17 hours ago
Job description

job summary

The purpose of the position is to manage, support, and coordinate all information security activities and programs for the branch. He / she shall be primarily responsible for ensuring compliance to various instructions issued by the RBI on information / cyber security via process re-engineering and documentation. The purpose of this position to manage, support and coordinate all Information Security activities, programs and initiatives of the Bank.

Work Responsibilities – Manager / Senior Manager (I.T. Cyber Security)

  • Information Security Governance
  • Responsible for maintaining and periodically updating Information Security Policies in alignment with organizational, regulatory, and RBI guidelines.
  • Monitoring and ensuring compliance with statutory and regulatory frameworks, including RBI, NPCI, and CERT-In directives.
  • Security Awareness and Training
  • Designing and conducting the Information Security Training and Awareness Program for all staff.
  • Ensuring security awareness through multiple communication channels such as e-learning modules, mailers, and awareness sessions.
  • Risk, Continuity, and Vendor Management
  • Active participation in the development, implementation, and maintenance of Business Continuity Plans (BCP), Disaster Recovery (DR) plans, and Vendor Risk Assessment policies.
  • Periodically testing and reviewing DR drills, ensuring alignment with RBI's Cyber Security Framework.
  • Information Security and IT Risk Management
  • Developing, implementing, and monitoring a comprehensive enterprise-wide Information Security and IT Risk Management program.
  • Overseeing security controls, vulnerability management, and threat mitigation strategies.
  • Technical Oversight and Problem Management
  • Hands-on experience in Incident Management, Problem Management, Change Management, and Critical Incident Handling.
  • Driving technical troubleshooting, coordinating escalations, managing communication, ensuring timely resolution, and preparing detailed RCA (Root Cause Analysis) reports.
  • System and Application Monitoring
  • Monitoring daily server logs, applications, and infrastructure health to maintain 99.9% system uptime.
  • Ensuring preventive maintenance and prompt resolution of issues affecting business continuity.
  • Documentation and Process Management
  • Preparing and maintaining detailed IT procedural documentation, user manuals, and operational guidelines.
  • Maintaining updated documentation for IT Security compliance and audit readiness.
  • Audit and Compliance Coordination
  • Coordinating and tracking all IT and Security-related audits (RBI, NPCI, IS Audit, VAPT, and internal / external audits).
  • Ensuring timely closure of audit observations and submission of compliance reports to regulatory authorities.
  • Data Classification and Protection
  • Conducting Data Classification Assessments and enforcing data protection controls in line with regulatory norms.
  • Security Responsibilities
  • Ensuring compliance with RBI's Cyber Security Framework and IT Governance requirements.
  • Overseeing cyber incident detection, response, and timely reporting to RBI and CERT-In.
  • Coordinating quarterly Cyber Security Posture Assessments and follow-up of mitigation actions.
  • Supervising vendor risk management, access control, endpoint protection, and network segmentation.
  • Preparing and submitting quarterly cyber security compliance reports, and participating in RBI's IT / Cyber Security examinations.
  • Data Privacy
  • Implementing Data privacy frameworks for collection, processing, storage, and sharing of personal data.
  • Ensuring lawful processing of personal data and obtaining consent in accordance with regulatory requirements.
  • Monitoring data retention and deletion policies to prevent unauthorized retention of personal data.
  • Conducting Privacy Impact Assessments (PIA) for new systems or applications handling personal data.
  • Ensuring timely reporting and response in case of personal data breach incidents, as per DPDP notification requirements.
  • Leading staff sensitization programs on data privacy principles, lawful use, and user rights under the DPDP Act.
  • Maintaining and reviewing Data Protection Policy, Consent Management Mechanism, and Data Subject Rights procedures.
  • Overall IT Governance and Reporting
  • Supporting IT leadership in the evaluation and adoption of emerging technologies while balancing security and operational efficiency.
  • Clearly articulating pros and cons of technical solutions and documenting use cases, solution architectures, and recommendations for management review.

desired skills

  • BE or MCA Degree in computer science or related field
  • 5 – 8 years, experience in information security & IT risk management
  • Banking background necessary, especially experience in foreign banks
  • Reporting / writing skills, ability to draft replies to the regulatory authorities
  • Strong knowledge of Information Security concepts including, but not limited to, Audit Reviews, Risk Assessment, Awareness & Training, Identity Access & Management, Data Protection, Secure SDLC, Incident Management, Vulnerability Assessment, Third Party IS Assessment, Secure Configurations, Patch Management, etc.
  • Hands-on experience in security systems, including firewalls, intrusion detection systems, anti-virus software, authentication systems, log management, content filtering, etc
  • Excellent diagnostic and problem-solving skills along with documentation
  • Excellent communication ability, collaboration skills, ownership and accountability
    • Create a job alert for this search

    Cyber Security • Amravati, IN