CISO, IT Infra

Mumbai

8 - 12 years

IT Infra


About the Job

    • We are seeking an experienced Chief Information Security Officer (CISO) who will lead Information and Cyber Security Programs at IndiaBonds.  
    • The CISO will ensure that the company’s information security posture is aligned with internal business objectives and external regulatory requirements, particularly those of the relevant financial regulatory authorities.  
    • The role also encompasses leadership over cloud security, cybersecurity risk management, incident response, and compliance efforts to safeguard the organisation from data breaches, cyber-attacks, and other security risks.

Job Requirements

    • Develop and Implement Cloud Security Strategy – Design, implement, and manage a comprehensive cloud security strategy to protect the cloud and on-prem infrastructure, customer data, and financial transactions hosted on the AWS cloud platform.
    • Cloud Security Architecture Oversight – Oversee the secure design and deployment of cloud-based applications, infrastructure, and systems. Ensure proper encryption, identity management, and access controls are in place. 
    • Risk Management in Cloud Infrastructure – Continuously assess and mitigate security risks specific to cloud environments, including data breaches, DDoS attacks, misconfigurations, and cloud-native threats. Ensure that cloud security aligns with the organization’s overall risk management framework. 
    • Incident Response and Cloud Threat Management – Lead the cybersecurity incident response team in managing and responding to security breaches in the cloud infrastructure. Deploy and manage continuous monitoring tools, SIEM systems, and cloud-native security solutions to detect and respond to security threats in real time across the cloud infrastructure. 
    • Cloud Access Management and Identity Security – Ensure strict access controls are implemented using identity and access management (IAM) tools, including role-based access control (RBAC), multi-factor authentication (MFA), and privileged access management for cloud-based resources. 
    • Cloud Security Audits and Penetration Testing – Oversee regular cloud security audits, vulnerability assessments, and penetration tests to identify weaknesses in the cloud environment. Ensure timely remediation of vulnerabilities in compliance with financial regulations. 
    • Disaster Recovery and Business Continuity for Cloud Services – Ensure the organization has a robust disaster recovery and business continuity plan in place for its cloud infrastructure, covering scenarios such as cloud service outages, data loss, or cyber-attacks. 
    • Ensure Regulatory Compliance – Ensure full compliance with relevant financial regulatory requirements (SEBI), including data privacy, reporting standards, and cybersecurity directives for brokers operating in cloud environments. 
    • Governance, Risk, and Compliance Reporting – Establish governance structures for cloud security, including regular reporting to the executive team and Board on the organization’s cloud security posture, risk assessments, and regulatory compliance status. 
    • Regulatory Incident Notification – Ensure the proper procedures are in place for notifying regulatory bodies and affected customers in the event of a security breach or data compromise, in accordance with financial industry breach notification requirements.
    • Vendor and Third-Party Risk Management – Evaluate and monitor cloud service providers and third-party vendors to ensure they meet regulatory and security standards. Ensure all third-party agreements include stringent cybersecurity provisions. 
    • Collaborate with IT and Development Teams – Work closely with IT, DevOps, and development teams to ensure secure coding practices, secure configuration of cloud infrastructure, and adherence to the “shift-left” security model in cloud deployments. 
    • Setting up Security Best Practices – Work closely with cross-functional teams to set best practices for Information Security and get the organisation ready for certifications like ISO 27001, GDPR, SEBI/RBI audits, Banking audits, etc.

Educational Qualifications & Skills

    • Must have skills:
      • Experience in Information Security and Cyber-Security covering all functions of the security operations
      • Financial services domain experience required.
      • Proven ability to establish and implement information security policies and procedures in the financial sector regulated by either SEBI or RBI.
      • Experience working on setting up best practices with respect to Cloud security with AWS.
      • Experience in working with threat intelligence platforms and SOC continuous monitoring.
      • Experience in cyber incident response and cyber operations.
      • Strong communication and stakeholder management.
    • Good to have:
      • Certifications like CISSP, CISM, CISA, CEH are preferred
      • Background of managing security in Banking, Securities or Mutual Fund is preferred
    • Educational Qualification: Bachelor’s/Master’s degree in Computer Science, Information Technology or Cyber Security

What we offer

    • Exceptional Healthcare Coverage – In sickness & in health, we stand strong with our natives; we have got you covered with comprehensive health insurance packages.
    • Fast-Paced FinTech Environment – Cutting Edge Fintech will surely foster your personal & professional growth 
    • Competitive Salary – We value skills & talent; and our salaries are calculated based on industry-benchmarked skills and location.

