Talent.com
No longer accepting applications
Chief Information Security Officer (CISO) - Indian BFSI - 15 years+

Chief Information Security Officer (CISO) - Indian BFSI - 15 years+

datavrutiVadodara, IN
6 days ago
Job description

Job Title : Chief Information Security Officer (CISO)

Location : Mumbai - Work From Office

Reporting To : Chief Risk Officer (with dual reporting to Board Risk / Audit Committee)

Sector : General Insurance

Experience : 15+ years in Information Security with leadership exposure in BFSI, ideally Insurance or FinTech

Salary : 50LPA+ based on fitment

Role Overview

  • The Chief Information Security Officer (CISO) will define and implement the company’s end-to-end Information Security framework, ensuring secure design, regulatory readiness, and operational resilience as the company moves from 0 to 1.
  • This is a strategic yet hands-on leadership role, ideal for someone who has managed security at scale in a regulated BFSI / Insurance environment, and now wants to build a secure-by-design foundation for a cloud-native, API-driven, AI-powered insurance platform.
  • The CISO will anticipate and pre-empt risks by leveraging prior experience, ensuring that the company’s technology-led innovation is always backed by enterprise-grade security and compliance discipline.

Key Responsibilities

1. Information Security Strategy & Governance

  • Define and implement the enterprise-wide Information Security strategy, encompassing governance, risk management, data protection, and cybersecurity.
  • Establish security policies, frameworks, and control baselines in alignment with IRDAI, CERT-In, ISO 27001, and DPDP Act.
  • Build a scalable ISMS (Information Security Management System) from the ground up.

    • 2. Cloud, Application & API Security

  • Review and work with engineering teams to develop secure architecture design for cloud-native systems, APIs, and microservices.
  • Review implemented automated controls for containerized and serverless environments.
  • Ensure security by design is baked into engineering processes through DevSecOps practices and CI / CD pipelines.

    • 3. Cybersecurity Operations & Threat Management

  • Set up and oversee Security Operations (SOC), including SIEM, SOAR, and vulnerability management.
  • Build detection and response capability tailored for API-driven, AI-heavy applications.
  • Lead threat intelligence, incident response, and post-incident reviews.

    • 4. AI & Data Security

  • Develop frameworks for secure and responsible AI / ML model governance, including data lineage, model access control, and risk mitigation for bias and data leakage.
  • Protect customer and training data in compliance with DPDP and data residency norms.

    • 5. Regulatory & Compliance Management

  • Ensure readiness for IRDAI cyber security and IT governance audits.
  • Collaborate with Compliance and Legal teams for ongoing adherence to regulatory reporting and certifications (ISO 27001, SOC 2, etc.).
  • Build documentation and audit trails for pre-emptive compliance.

    • 6. Third-Party & Ecosystem Security

  • Design and enforce Third-Party Risk Management (TPRM) framework for partners, TPAs, technology vendors, and data processors.
  • Conduct due diligence and continuous monitoring of vendor security posture.

    • 7. Business Continuity & Resilience

  • Establish cloud-native BCP / DR plans, aligned with IRDAI requirements.
  • Lead incident and crisis management drills to validate resilience under simulated failures.

    • 8. Security Culture & Awareness

  • Foster a security-first culture across engineering, product, and operations teams.
  • Conduct awareness programs, red / blue team simulations, and executive security workshops.

    • 9. Leadership & Board Engagement

  • Advise leadership and Board Risk / Audit Committee on key threats, mitigation strategies, and regulatory posture.
  • Build and mentor an internal security team capable of scaling with the business.

    • Desired Profile

  • 15+ years in Information Security, with at least 5 years in senior InfoSec roles at Insurance, NBFC, Bank, or FinTech.
  • Experience securing cloud-native, API-driven, or AI / ML-intensive platforms.
  • Strong grasp of IRDAI, CERT-In, DPDP Act, and global security standards.
  • Proven ability to design and operationalize security frameworks from zero, while ensuring future scalability.
  • Strong collaboration with Product, Engineering, and Risk teams.

    • Qualifications / Certifications

  • Bachelor’s or Master’s degree in Computer Science, Cybersecurity, or related field.
  • Preferred certifications : CISSP, CISM, CCSP, ISO 27001 LA, AWS Security Specialty, CRISC.
  • Familiarity with frameworks like NIST CSF, Zero Trust Architecture, and OWASP API Security Top 10.

    • Key Behavioural Attributes

  • Strategic foresight backed by operational pragmatism.
  • Startup agility with an enterprise governance mindset.
  • Strong executive presence and regulatory confidence.
  • Builder-leader who can “set up from scratch” yet think “at scale.”
  • Ethical, transparent, and decisive under pressure.
    • Create a job alert for this search

    Information Security • Vadodara, IN

    Related jobs
    • Promoted
    Oracle Cloud Security and Risk Management (RMC) Consultant

    Oracle Cloud Security and Risk Management (RMC) Consultant

    AtomAnand, IN
    Job Title : Oracle Cloud Security and Risk Management (RMC) Consultant.We are seeking an experienced Oracle Cloud Security and Risk Management (RMC) Consultant to join our team.The ideal candidate w...Show moreLast updated: 30+ days ago
    • Promoted
    INFOR XA / Mapics

    INFOR XA / Mapics

    Programmers.ioNadiad, IN
    IO is actively seeking talented individuals who are skilled in IBMi and Infor XA / Mapics.If you're looking for a flexible work environment that allows you to contribute from anywhere, we want to hea...Show moreLast updated: 30+ days ago
    • Promoted
    Oracle HCM Cloud

    Oracle HCM Cloud

    Affintrix TechnologiesAnand, Gujarat, India
    Candidates should have a minimum of 8-10 years of experience in Oracle HCM Cloud and must be able to join us immediately or within 15days. Extensive knowledge of Security configuration using Securit...Show moreLast updated: 10 days ago
    • Promoted
    Chief Executive Officer

    Chief Executive Officer

    Resolute CorpAnand, IN
    ShareSquare, you will be the overall strategic and operational leader of the company.Reporting directly to the Board of Directors, you will be responsible for driving vision, business growth, inves...Show moreLast updated: 13 days ago
    • Promoted
    Lead Network & Security Engineer (Hyperscalers – OCI / GCP)

    Lead Network & Security Engineer (Hyperscalers – OCI / GCP)

    Cloud4C Servicesanand, India
    Gartner’s Magic Quadrant (2021), is a leading automation-driven Cloud Managed Services Provider (MSP).We specialize in multi-cloud migration, management, and disaster recovery with zero data loss g...Show moreLast updated: 9 days ago
    • Promoted
    co-founder

    co-founder

    RISK FREE LIFE INSURANCE BROKINGvadodara, India
    Invitation to Join as Co-founder & Chief Business Officer – Spearhead India's First Advisor-Ownership Platform.A Visionary Leader Who Believes in Empowering Financial Advisors.The Founding Team, RF...Show moreLast updated: 10 days ago
    • Promoted
    Azure Infra Architect

    Azure Infra Architect

    Tata Consultancy Servicesanand, India
    TCS is hiring Azure Infra Architect.Kubernetes ,GitOps,implementation of security solutions for containerized application, Kubernetes clusters in the Cloud preferably Azure.IaC) tools such as Terra...Show moreLast updated: 9 days ago
    • Promoted
    Head – Yield Management System

    Head – Yield Management System

    Tata ElectronicsVadodara, IN
    Tata Electronics Private Limited (TEPL) is a greenfield venture of the Tata Group with expertise in manufacturing precision components. Tata Electronics (a wholly owned subsidiary of Tata Sons Pvt.I...Show moreLast updated: 30+ days ago
    • Promoted
    Senior Security Architect

    Senior Security Architect

    DautomNadiad, IN
    Role : Senior Security Architect.Location : Offshore, India (Remote).You’ll drive end-to-end security design across platforms, lead threat modeling and control gap assessments, oversee IT security r...Show moreLast updated: 6 days ago
    • Promoted
    • New!
    [Only 24h Left] Cyber Security Sales

    [Only 24h Left] Cyber Security Sales

    Adani Enterprises LimitedVadodara, Gujarat, India
    We are seeking an Cybersecurity – India Sales to lead revenue growth across India.This role is responsible for building deep client relationships, expanding existing accounts, and driving new busin...Show moreLast updated: 2 hours ago
    • Promoted
    Cyber Security Architect

    Cyber Security Architect

    Tata Consultancy Servicesvadodara, India
    In depth knowledge of IAM for AWS.Architect and automate the management of AWS Cloud IAM services.Support the Identity and Access Management team within the Technology Risk & Information Security O...Show moreLast updated: 9 days ago
    • Promoted
    Sr. Lead - Cloud Security

    Sr. Lead - Cloud Security

    Sycamore Informatics Inc.Anand, IN
    Cloud security framework; Strong scripting skills with PowerShell and.Solid understanding of version control tools, particularly Git. Experience with cloud platforms, including AWS, Azure and GCP.Pr...Show moreLast updated: 30+ days ago
    • Promoted
    IT & Security Administrator (India – Gujarat office)

    IT & Security Administrator (India – Gujarat office)

    CloudLabs IncAnand, IN
    CloudLabs Inc was founded in 2014 with the mission to provide exceptional IT & Business consulting services at a competitive price, to help clients realize the best value from their investments.Wit...Show moreLast updated: 10 days ago
    • Promoted
    Data & AI Engineer – Cyber Risk Intelligence Platform – India / Remote

    Data & AI Engineer – Cyber Risk Intelligence Platform – India / Remote

    Quantara AIVadodara, IN
    Remote
    Data & AI Engineer – Cyber Risk Intelligence Platform – India.Quantara AI is a next-generation.Cyber Risk Intelligence and Governance. CISOs, Boards, and executive teams.Our AI-powered solution comb...Show moreLast updated: 4 days ago
    • Promoted
    • New!
    ▷ [01 / 11 / 2025] IT Security Manager

    ▷ [01 / 11 / 2025] IT Security Manager

    HyFun FoodsVadodara, Gujarat, India
    HyFun a leading brand in Frozen Food in India with exports in more than 40+ countries is seeking to strengthen its IT Team. We are looking to fill the IT Security Manager position based in Ahmedabad...Show moreLast updated: 2 hours ago
    • Promoted
    ASIC Verification Lead

    ASIC Verification Lead

    eInfochips (An Arrow Company)Vadodara, IN
    Job Locations : Bangalore / Hyderabad / Ahmedabad / Chennai (WORK FROM OFFICE ONLY).NO WORK FROM HOME OR REMOTE WORK).Best In Class Employee Welfare Practices. Cutting Edge, Full Chip ODC Projects.Higher ...Show moreLast updated: 30+ days ago
    • Promoted
    Head- Business Intelligence & AI

    Head- Business Intelligence & AI

    Deepak Group CoVadodara, Gujarat, India
    Role Title : Head- Business Intelligence & AI Reporting To : Chief Information Officer Location of Posting : Corporate office, Vadodara Position Overview : We are seeking seasoned Head- Business In...Show moreLast updated: 30+ days ago
    • Promoted
    SailPoint ISC Developer

    SailPoint ISC Developer

    TechDemocracyVadodara, IN
    SailPoint Identity Security Cloud (ISC) Developer.The ideal candidate will have hands-on experience with SailPoint ISC (IdentityNow), including configuration, customization, workflow design, and in...Show moreLast updated: 16 days ago