We are seeking an experienced Chief Information Security Officer (CISO) who will lead Information and Cyber Security Programs at IndiaBonds.
The CISO will ensure that the company’s information security posture is aligned with internal business objectives and external regulatory requirements, particularly those of the relevant financial regulatory authorities.
The role also encompasses leadership over cloud security, cybersecurity risk management, incident response, and compliance efforts to safeguard the organisation from data breaches, cyber-attacks, and other security risks.
Job Requirements
Develop and Implement Cloud Security Strategy – Design, implement, and manage a comprehensive cloud security strategy to protect the cloud and on-prem infrastructure, customer data, and financial transactions hosted on the AWS cloud platform.
Cloud Security Architecture Oversight – Oversee the secure design and deployment of cloud-based applications, infrastructure, and systems. Ensure proper encryption, identity management, and access controls are in place.
Risk Management in Cloud Infrastructure – Continuously assess and mitigate security risks specific to cloud environments, including data breaches, DDoS attacks, misconfigurations, and cloud-native threats. Ensure that cloud security aligns with the organization’s overall risk management framework.
Incident Response and Cloud Threat Management – Lead the cybersecurity incident response team in managing and responding to security breaches in the cloud infrastructure. Deploy and manage continuous monitoring tools, SIEM systems, and cloud-native security solutions to detect and respond to security threats in real time across the cloud infrastructure.
Cloud Access Management and Identity Security – Ensure strict access controls are implemented using identity and access management (IAM) tools, including role-based access control (RBAC), multi-factor authentication (MFA), and privileged access management for cloud-based resources.
Cloud Security Audits and Penetration Testing – Oversee regular cloud security audits, vulnerability assessments, and penetration tests to identify weaknesses in the cloud environment. Ensure timely remediation of vulnerabilities in compliance with financial regulations.
Disaster Recovery and Business Continuity for Cloud Services – Ensure the organization has a robust disaster recovery and business continuity plan in place for its cloud infrastructure, covering scenarios such as cloud service outages, data loss, or cyber-attacks.
Ensure Regulatory Compliance – Ensure full compliance with relevant financial regulatory requirements (SEBI), including data privacy, reporting standards, and cybersecurity directives for brokers operating in cloud environments.
Governance, Risk, and Compliance Reporting – Establish governance structures for cloud security, including regular reporting to the executive team and Board on the organization’s cloud security posture, risk assessments, and regulatory compliance status.
Regulatory Incident Notification – Ensure the proper procedures are in place for notifying regulatory bodies and affected customers in the event of a security breach or data compromise, in accordance with financial industry breach notification requirements.
Vendor and Third-Party Risk Management – Evaluate and monitor cloud service providers and third-party vendors to ensure they meet regulatory and security standards. Ensure all third-party agreements include stringent cybersecurity provisions.
Collaborate with IT and Development Teams – Work closely with IT, DevOps, and development teams to ensure secure coding practices, secure configuration of cloud infrastructure, and adherence to the “shift-left” security model in cloud deployments.
Setting up Security Best Practices – Work closely with cross-functional teams to set best practices for Information Security and get the organisation ready for certifications like ISO 27001, GDPR, SEBI/RBI audits, Banking audits, etc.
Educational Qualifications & Skills
Must have skills:
Experience in Information Security and Cyber-Security covering all functions of security operations.
Financial services domain experience required.
Proven ability to establish and implement information security policies and procedures in the financial sector regulated by either SEBI or RBI.
Experience working on setting up best practices with respect to Cloud security with AWS.
Experience in working with threat intelligence platforms and SOC continuous monitoring.
Experience in cyber incident response and cyber operations.
Strong communication and stakeholder management.
Good to have:
Certifications like CISSP, CISM, CISA, CEH are preferred.
Background in managing security in Banking, Securities or Mutual Funds is preferred.
Educational Qualification: Bachelor’s/Master’s degree in Computer Science, Information Technology or Cyber Security.
What we offer
Exceptional Healthcare Coverage – In sickness and in health, we stand strong with our natives; we've got you covered with comprehensive health insurance packages.
Fast-Paced FinTech Environment – Cutting-edge fintech will surely foster your personal and professional growth.
Competitive Salary – We value skills and talent, and our salaries are calculated based on industry-benchmarked skills and location.