No longer accepting applications
(Only 24h Left) National Head – Information Security, Audit and Compliance
Muthoot Fincorp Ltd.India1 day ago
Job descriptionReview and ensure that information security governance frameworks and policies are well-defined, communicated, and adhered to across MFL. Oversee and ensure compliance with regulatory requirements, such as RBI guidelines, ISO 27001, PCI DSS, GDPR, and other relevant standards specific to the Non-Banking Financial Company (NBFC) sector. Assess and evaluate the information security risk across business units and implement appropriate controls and mitigation strategies. Lead end-to-end audits of the MFL’s IT systems, infrastructure, applications, and business processes, focusing on identifying security vulnerabilities, non-compliance issues, and gaps. Evaluate the effectiveness of existing controls and security measures, providing recommendations for improvements. Ensure periodic reviews of third-party vendors and service providers to ensure they comply with the company’s security standards and regulatory obligations. Provide regular updates to the Board on risk and compliance matters, incorporating their feedback into the overall strategy and operational plan Collaborate with various business units, including IT, Risk, Legal, and Compliance, to promote awareness and understanding of security audit findings and best practices. Work with the business units and functions for ISO certification Work with the external auditors, regulators, and other stakeholders to ensure alignment on compliance-related issues. Prepare and present audit reports, findings, and recommendations to senior management and quarterly to the Audit Committee. Leverage information security practices effectively while driving innovation for efficiency improvements, ensuring that compliance considerations remain central to all initiatives Lead efforts to enhance security and compliance across all existing and future products, services, and processes to maintain a competitive advantage Develop and lead training programs to enhance awareness and understanding of security and compliance within the organization. Drive the continuous improvement of information security policies, procedures, and audit methodologies, ensuring they remain relevant and effective in addressing emerging risks. Develop clear goals for the compliance team and facilitate alignment with broader organizational objectives, regularly reviewing team performance and providing constructive feedback Identify training needs and implement capability-building programs that empower teams to excel and adapt to the evolving regulatory landscape Foster a culture of collaboration, accountability, and excellence within the team Driving awareness and building an environment where audit is considered as a priority Internal pace of working and slow pace of approvals Sign off on the IS Audit before sharing with Audit Committee Recommendations across business with respect to risk and compliance in reference to information security At least 12-15 years of proven experience in information security, audit, risk management, and compliance, with at least 5 years in a leadership role in BFSI or NBFC. Strong background in compliance frameworks, risk management, and security strategy. Professional certifications such as CISA (Certified Information Systems Auditor), CISSP (Certified Information Systems Security Professional), or equivalent are highly desirable. Proven track record in implementing effective security solutions that enhance operational efficiency and ensure regulatory compliance. In-depth knowledge of regulatory frameworks, standards, and best practices for information security (e.g., RBI Guidelines, ISO 27001, NIST, GDPR). Strong background in conducting internal audits related to information security, risk management, and IT governance within the financial services or NBFC sector. Proven track record of successfully leading audits, driving compliance, and implementing corrective actions. Strong understanding of the information security landscape, including risk management, vulnerability management, incident response, data protection, and business continuity planning. Experience with tools and technologies used for security auditing and vulnerability assessment. Excellent communication and interpersonal skills, with the ability to interact with senior management, regulators, and external auditors. High degree of integrity, professionalism, and ethical standards. Strong analytical and problem-solving skills. Ability to handle multiple priorities and work under pressure to meet deadlines. Strong leadership and team management skills, with a collaborative approach to achieving organizational objectives.
ROLE SUMMARY
The National Head of Information Security, Audit, and Compliance is responsible for organization’s information security governance, risk management, and compliance frameworks are robust, aligned with regulatory requirements, and continuously improved to mitigate risks and enhance security controls. The role will be responsible for overseeing and leading the organization's information security audit and compliance functions across all business units and regions.
The Head will be responsible for developing and executing a strategic audit plan for information security, ensuring adherence to industry standards (such as RBI and other relevant guidelines), and managing a team of skilled auditors. Additionally, the role involves driving operational governance related to information security and audit functions, enabling improvements in efficiency through robust compliance frameworks, and fostering a culture of security awareness and innovation within the team. The Head will focus on enhancing the skills and capabilities of the information security team while creating an environment that promotes high performance.
KEY RESPONSIBILITIES
Strategic Direction
- Develop and implement a comprehensive information security audit strategy aligned with the organization’s business objectives, risk appetite, and regulatory requirements
- Ensure the development and execution of the audit framework, annual audit plan / calendar, prioritizing audits based on risk assessments and business impact.
Risk & Compliance
Stakeholder Management & Reporting
Operational Excellence
Team management and capability development
KEY CHALLENGES
KEY DECISIONS TAKEN
KEY INTERACTIONS
Internal Stakeholders
External Stakeholders
Audit Committee : Present audit findings to the committee every quarter
Senior Leadership : Provide insights on the key findings from the audits conducts and gaps identified
All functional heads to seek alignment on the audit process and ensure compliance as per set standards
Vendors Audit Partners – Provide necessary support to carry out auditing process
Regulatory Authorities such as RBI to ensure compliance with external regulations and directives
KEY ROLE DIMENSIONS
Team Size : 2 direct reports
EDUCATION / EXPERIENCE
Minimum Qualification :
Bachelor’s or Master’s degree in Computer Science, Information Security, Audit, Risk Management, Business Management or a related field.
Nature of Experience :
Create a job alert for this search
24H Left Information • India
Related jobs%20Ltd)
Educational Qualifications : Certifications : Professional certifications such as Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certified ...Show moreLast updated: 30+ days ago
- Promoted
National Head – Information Security, Audit and Compliance
Muthoot Fincorp Ltd.India The National Head of Information Security, Audit, and Compliance is responsible for organization’s information security governance, risk management, and compliance frameworks are robust, aligned wi...Show moreLast updated: 1 day ago
- Promoted
Information Security Consultant
Soffit Infrastructure Services (P) LtdIndia The Information Security Consultant will be responsible for the implementation, assessment, and management of ISO 27001 : 2022, ISO 27002, and SOC 2 standards for clients.
This role involves working i...Show moreLast updated: 30+ days ago
- Promoted
Senior Security & Compliance Manager
Confidentialnagpur, maharashtra, in Senior Security & Compliance Manager (Independent Contractor, Remote).Remote (Must work US hours, 6 AM – 2 PM Pacific Time or 9am - 5pm Eastern Time).
The Senior Security & Compliance Manager will o...Show moreLast updated: 8 days ago
- Promoted
Senior Information Technology Audit Manager
Bahwan CyberTekNagpur, IN Role : Information Technology Auditor.We are seeking a highly experienced and motivated.Information Technology Auditor.Group Internal Audit team of BCT.
This role requires a minimum of 12 years of ex...Show moreLast updated: 24 days ago
- Promoted
Senior Manager - Information and Cyber Security
Iris Software Inc.India Create, implement, and maintain an enterprise cybersecurity strategy and IT risk management program by implementing technology, policy, and process-based solutions.
Implement and manage Security Ope...Show moreLast updated: 9 days ago
- Promoted
Information Technology Security Manager
PracticeSuite, Inc.India As a single platform, PracticeSuite has diverse features to modernize practices and take them to the next level.The IT Manager Security & Infrastructure is responsible for overseeing the organizati...Show moreLast updated: 2 days ago
- Promoted
Chief Information Security Officer
Liberty General InsuranceIndia Academic : Graduation in any discipline, B.E will be preferred; along with professional certification like CISA / CISSP etc.
Experience : 15 years and above experience in IT security, preferably from G...Show moreLast updated: 19 days ago
- Promoted
Head of Information Security
Pay10 IndiaIndia Strategic Leadership Develop and implement the enterprise-wide information security strategy, policies, and frameworks.Provide thought leadership on emerging cyber risks, threats, and technologies....Show moreLast updated: 7 days ago
- Promoted
Senior Manager - Information Security and System Audit
sliceIndia The individual will be responsible for executing IT security audits, ensuring adherence to ISMS and ITGC controls, and identifying potential security risks.
The role involves conducting security ass...Show moreLast updated: 1 day ago
- Promoted
Information Security Lead
Narayana HealthIndia The Information Security Lead will be responsible for developing and implementing the organization’s information security framework to safeguard patient data, clinical systems, and enterprise IT in...Show moreLast updated: 30+ days ago
- Promoted
Chief Information Security Officer
Exela TechnologiesIndia The Chief Information Security Officer (CISO) is a strategic executive responsible for the vision, leadership, and execution of the company's global information security program.This role will safe...Show moreLast updated: 19 days ago
- Promoted
SITA - Lead Specialist - Information Security
SITA INFORMATION NETWORKING COMPUTING INDIAIndia About the job : Overview : WELCOME TO SITA : We're the team that keeps airports moving, airlines flying smoothly, and borders ...Show moreLast updated: 27 days ago
- Promoted
SOC Head
IDFC FIRST BankIndia Responsible for managing the end-to-end operations and strategic evolution of our Security Operations Centre (SOC), Threat Hunting & Incident Response, Threat Intelligence, Digital Forensics, and S...Show moreLast updated: 24 days ago
- Promoted
Manager- Information Security, Vulnerability and Risk Management)
Infosys BPMIndia Role : Manager Information Security (Release Management).Mandatory Skills- Cyber security & Security engineer, Release & Change Management, Vulnerability Management.
Strong understanding of the insur...Show moreLast updated: 30+ days ago
- Promoted
Information Security Manager
MashreqIndia Management : To Strategize, develop and implement Data Protection Controls in coordination with stakeholders across the Organization globally.
To ensure compliance of the Organization with the defin...Show moreLast updated: 24 days ago
- Promoted
Head of Information Security
PixisIndia Pixis is a global AI technology company transforming how brands plan, create, and optimize marketing.Our flagship marketing operating system, Prism, sits at the core of the Pixis platform, using AI...Show moreLast updated: 30+ days ago
- Promoted
Global Information Security Lead
Intas PharmaceuticalsIndia Ownership and accountability for managing the Global Information Security Operations.Identify, mitigate, and manage Revenue, Financial and Brand risks to the organization.Maintain continuous awaren...Show moreLast updated: 28 days ago
- Promoted
Information Technology Compliance Manager
HDFC securitiesIndia Job Title : IT Compliance Manager.HDFC Securities is a leading stockbroking company and a subsidiary of HDFC Bank, one of the world’s largest financial services conglomerates.With a strong emphasis ...Show moreLast updated: 29 days ago
- Promoted
Manager - Information Security (Governance, Risk and Compliance)
NaviIndia About the Team At Navi, the InfoSec team safeguards our digital ecosystem - ensuring the confidentiality, integrity, and availability of critical systems and data.
We lead the charge on cyber risk m...Show moreLast updated: 24 days ago
Information Security Manager
MonetaGo Asia Pacific Private LimitedINQuick Apply