National Head – Information Security, Audit and Compliance

Muthoot Fincorp Ltd., Thiruvananthapuram, Kerala, India
10 days ago
Job description

ROLE SUMMARY

The National Head of Information Security, Audit, and Compliance is responsible for ensuring that the organization’s information security governance, risk management, and compliance frameworks are robust, aligned with regulatory requirements, and continuously improved to mitigate risks and enhance security controls. The role oversees and leads the organization's information security audit and compliance functions across all business units and regions.

The Head will be responsible for developing and executing a strategic audit plan for information security, ensuring adherence to industry standards (such as RBI and other relevant guidelines), and managing a team of skilled auditors. Additionally, the role involves driving operational governance related to information security and audit functions, enabling improvements in efficiency through robust compliance frameworks, and fostering a culture of security awareness and innovation within the team. The Head will focus on enhancing the skills and capabilities of the information security team while creating an environment that promotes high performance.

KEY RESPONSIBILITIES

Strategic Direction

  • Develop and implement a comprehensive information security audit strategy aligned with the organization’s business objectives, risk appetite, and regulatory requirements
  • Ensure the development and execution of the audit framework, annual audit plan / calendar, prioritizing audits based on risk assessments and business impact.

Risk & Compliance

  • Review and ensure that information security governance frameworks and policies are well-defined, communicated, and adhered to across MFL.
  • Oversee and ensure compliance with regulatory requirements, such as RBI guidelines, ISO 27001, PCI DSS, GDPR, and other relevant standards specific to the Non-Banking Financial Company (NBFC) sector.
  • Assess and evaluate the information security risk across business units and implement appropriate controls and mitigation strategies.
  • Lead end-to-end audits of MFL’s IT systems, infrastructure, applications, and business processes, focusing on identifying security vulnerabilities, non-compliance issues, and gaps.
  • Evaluate the effectiveness of existing controls and security measures, providing recommendations for improvements.
  • Ensure periodic reviews of third-party vendors and service providers to ensure they comply with the company’s security standards and regulatory obligations.
  • Provide regular updates to the Board on risk and compliance matters, incorporating their feedback into the overall strategy and operational plan

Stakeholder Management & Reporting

  • Collaborate with various business units, including IT, Risk, Legal, and Compliance, to promote awareness and understanding of security audit findings and best practices.
  • Work with the business units and functions for ISO certification
  • Work with the external auditors, regulators, and other stakeholders to ensure alignment on compliance-related issues.
  • Prepare and present audit reports, findings, and recommendations to senior management and quarterly to the Audit Committee.

Operational Excellence

  • Leverage information security practices effectively while driving innovation for efficiency improvements, ensuring that compliance considerations remain central to all initiatives
  • Lead efforts to enhance security and compliance across all existing and future products, services, and processes to maintain a competitive advantage
  • Develop and lead training programs to enhance awareness and understanding of security and compliance within the organization.
  • Drive the continuous improvement of information security policies, procedures, and audit methodologies, ensuring they remain relevant and effective in addressing emerging risks.

Team Management and Capability Development

  • Develop clear goals for the compliance team and facilitate alignment with broader organizational objectives, regularly reviewing team performance and providing constructive feedback
  • Identify training needs and implement capability-building programs that empower teams to excel and adapt to the evolving regulatory landscape
  • Foster a culture of collaboration, accountability, and excellence within the team

KEY CHALLENGES

  • Driving awareness and building an environment where audit is considered a priority
  • Internal pace of working and slow pace of approvals

KEY DECISIONS TAKEN

  • Sign off on the IS Audit before sharing with Audit Committee
  • Recommendations across business with respect to risk and compliance in reference to information security

KEY INTERACTIONS

Internal Stakeholders

  • Audit Committee: Present audit findings to the committee every quarter
  • Senior Leadership: Provide insights on the key findings from the audits conducted and gaps identified
  • All functional heads to seek alignment on the audit process and ensure compliance as per set standards

External Stakeholders

  • Vendors Audit Partners – Provide necessary support to carry out auditing process
  • Regulatory Authorities such as RBI to ensure compliance with external regulations and directives

KEY ROLE DIMENSIONS

Team Size: 2 direct reports

EDUCATION / EXPERIENCE

Minimum Qualification:

Bachelor’s or Master’s degree in Computer Science, Information Security, Audit, Risk Management, Business Management or a related field.

Nature of Experience:

  • At least 12-15 years of proven experience in information security, audit, risk management, and compliance, with at least 5 years in a leadership role in BFSI or NBFC.
  • Strong background in compliance frameworks, risk management, and security strategy.
  • Professional certifications such as CISA (Certified Information Systems Auditor), CISSP (Certified Information Systems Security Professional), or equivalent are highly desirable.
  • Proven track record in implementing effective security solutions that enhance operational efficiency and ensure regulatory compliance.
  • In-depth knowledge of regulatory frameworks, standards, and best practices for information security (e.g., RBI Guidelines, ISO 27001, NIST, GDPR).
  • Strong background in conducting internal audits related to information security, risk management, and IT governance within the financial services or NBFC sector.
  • Proven track record of successfully leading audits, driving compliance, and implementing corrective actions.
  • Strong understanding of the information security landscape, including risk management, vulnerability management, incident response, data protection, and business continuity planning.
  • Experience with tools and technologies used for security auditing and vulnerability assessment.
  • Excellent communication and interpersonal skills, with the ability to interact with senior management, regulators, and external auditors.
  • High degree of integrity, professionalism, and ethical standards.
  • Strong analytical and problem-solving skills.
  • Ability to handle multiple priorities and work under pressure to meet deadlines.
  • Strong leadership and team management skills, with a collaborative approach to achieving organizational objectives.