CISO/Deputy CISO

Role : As a CISO You will take ownership of InfoSec related initiatives in the company. You will be managing a talented team of InfoSec and SOC professionals and driving the innovations while meeting the objectives of InfoSec, various audits and Governance. Responsibilities : - Manage the operation and implementation of the IT security strategy - Conduct a continuous assessment of current IT security practices and systems and identifying areas for improvement - Develop, maintain & oversee Information Security policies, processes and standards/ guidelines to address applicable regulatory, PCI DSS & ISO 270001 requirements - Set & manage the compliance program for Information & Cyber Security Requirements (e.g. regulatory standards, ISO27001, PCI-DSS CERT-In) - Deliver new security technology approaches and implementing next generation solutions - Develop and implement business continuity plans in respect of information security - Communicate digital programs and strategy to a range of stakeholders including senior management, employees, vendor partners, etc. - Manage and monitor the IT security budget and InfoSec Audits , query from Regulators etc. Skills : - Candidate should have BFSI experience and should understand the risk and compliance function - Good knowledge and experience of compliance aspect from regulatory point of view and should have ideally been a direct report of a CISO/ Deputy CISO role - Stakeholder management (Internal & RBI) - Conduct a continuous assessment of current IT security practices and systems and identify areas for improvement - Develop and implement business continuity plans in respect of information security - Would prefer if the candidates have direct banking led experience for implementing/ managing info sec aspects (including PCI DSS, RBI Info sec requirements, etc.) - Governance skills including managing audits, anchoring regulatory aspects critically, etc. - Digital leadership skills capable of empowering and leading an IT security team to meet business and IT security goals - Strong understanding of security architecture, including web & cloud technologies and network architecture - Experience in driving and governing audits and practice standardization (PCI , SoX, etc) across multiple teams - Experience in collecting, analysing, and presenting metrics related to information security (training feedback, new content, updated incentive programs) - Knowledge of and experience with technologies and processes such as networks, encryption, vulnerability management, identity and access management, endpoint management, DLP, risk management, and cloud services - Familiarity and understanding of OWASP guidelines - Knowledge of attacker life cycles and defender strategies - Expert problem solver, using proven methods to solve difficult issues effectively - Proven conflict management skills and remains composed under pressure (ref:hirist.tech)

Location: mumbai, IN

Posted Date: 11/24/2024