Add office photos

IndiaBonds

Compare

based on 7 Reviews

7 IndiaBonds Jobs

CISO Professional

IndiaBonds

based on 7 Reviews

8-12 years

Mumbai

1 vacancy

CISO Professional

IndiaBonds

posted 6mon ago

Flexible timing

Key skills for the job

+ 4 more

About the Job

We are seeking an experienced Chief Information Security Officer (CISO) who will lead Information and Cyber Security Programs at IndiaBonds.

The CISO will ensure that the company s information security posture is aligned with internal business objectives and external regulatory requirements, particularly those of the relevant financial regulatory authorities.

The role also encompasses leadership over cloud security, cybersecurity risk management, incident response, and compliance efforts to safeguard the organisation from data breaches, cyber-attacks, and other security risks.

Job Requirements

Develop and Implement Cloud Security Strategy Design, implement, and manage a comprehensive cloud security strategy to protect the cloud and on-prem infrastructure, customer data, and financial transactions hosted on AWS cloud platform.

Cloud Security Architecture Oversight Oversee the secure design and deployment of cloud-based applications, infrastructure, and systems. Ensure proper encryption, identity management, and access controls are in place.

Risk Management in Cloud Infrastructure Continuously assess and mitigate security risks specific to cloud environments, including data breaches, DDoS attacks, misconfigurations, and cloud-native threats. Ensure that cloud security aligns with the organization s overall risk management framework.

Incident Response and Cloud Threat Management Lead the cybersecurity incident response team in managing and responding to security breaches in the cloud infrastructure. Deploy and manage continuous monitoring tools, SIEM systems, and cloud-native security solutions to detect and respond to security threats in real time across the cloud infrastructure.

Cloud Access Management and Identity Security Ensure strict access controls are implemented using identity and access management (IAM) tools, including role-based access control (RBAC), multi-factor authentication (MFA), and privileged access management for cloud-based resources.

Cloud Security Audits and Penetration Testing Oversee regular cloud security audits, vulnerability assessments, and penetration tests to identify weaknesses in the cloud environment. Ensure timely remediation of vulnerabilities in compliance with financial regulations.

Disaster Recovery and Business Continuity for Cloud Services Ensure the organization has a robust disaster recovery and business continuity plan in place for its cloud infrastructure, covering scenarios such as cloud service outages, data loss, or cyber-attacks.

Ensure Regulatory Compliance Ensure full compliance with relevant financial regulatory requirements (SEBI), including data privacy, reporting standards, and cybersecurity directives for brokers operating in cloud environments.

Governance, Risk, and Compliance Reporting Establish governance structures for cloud security, including regular reporting to the executive team and Board on the organization s cloud security posture, risk assessments, and regulatory compliance status.

Regulatory Incident Notification Ensure the proper procedures are in place for notifying regulatory bodies and affected customers in the event of a security breach or data compromise, by financial industry breach notification requirements.

Vendor and Third-Party Risk Management Evaluate and monitor cloud service providers and third-party vendors to ensure they meet regulatory and security standards. Ensure all third-party agreements include stringent cybersecurity provisions.

Collaborate with IT and Development Teams Work closely with IT, DevOps, and development teams to ensure secure coding practices, secure configuration of cloud infrastructure, and adherence to the shift-left security model in cloud deployments.

Setting up Security Best Practises Work closely with cross-functional teams to set best practices for Information Security and get the organisation ready for certifications like ISO 27001, GDPR, SEBI/RBI audits, Banking audits etc

Educational Qualifications Skills

Must have skills :
- Experience in Information Security and Cyber-Security covering all functions of the security operations
- Financial services domain experience required.
- Proven ability to establish and implement information security policies and procedures in the financial sector regulated by either SEBI or RBI.
- Experience working on setting up best practices with respect to Cloud security with AWS.
- Experience in working with threat intelligence platforms and SOC continuous monitoring.
- Experience in cyber incident response and cyber operations.
- Strong communication and stakeholder management.
Good to have :
- Certifications like CISSP, CISM, CISA, CEH are preferred
- Background of managing security in Banking, Securities or Mutual Fund is preferred
Educational Qualification : Bachelors/Master s degree in Computer Science, information technology or Cyber security

What we offer

Exceptional Healthcare Coverage - In sickness in health, we stand strong with our natives, we got you covered with comprehensive health insurance packages.