CISO | Scrabble
Posted on November 24, 2025
Job Description
<div><br />
<strong>Job Title: Chief Information Security Officer (CISO)<br />
Location: Mumbai<br />
Reporting To: CEO<br />
Department: IT</strong></div>
<div> </div>
<div><strong>Role Overview:</strong><br />
The CISO is responsible for ensuring information security by protecting the organization's assets, applications, systems, and technology while enabling and advancing business objectives.</div>
<div> </div>
<div><strong>Key Responsibilities:</strong></div>
<div>-Develop and implement secure processes and systems to prevent, detect, mitigate, and recover from cyberattacks.</div>
<div>-Build and drive cybersecurity strategy, framework, and initiatives to secure the organization's cyber and technology assets.</div>
<div>-Continuously evaluate and manage the organization's cyber and technology risk posture.</div>
<div>-Lead ongoing security awareness training and education for users.</div>
<div>-Design and implement disaster recovery protocols and business continuity plans for business resilience.</div>
<div>-Ensure compliance with regulatory requirements for cybersecurity (e.g., SEBI circulars), update policies, and facilitate successful IT audits.</div>
<div>-Implement and manage cyber governance, risk, and compliance (GRC) processes.</div>
<div>-Oversee backup, database management, system management (server monitoring, proactive alerts), and business application support.</div>
<div>-Identify opportunities for automation and cost reduction within IT operations.</div>
<div>-Lead technology risk management in collaboration with business leaders.</div>
<div>-Develop and retain healthy relationships with vendors and service providers.</div>
<div>-Monitor technical requirements (e.g., telephone recording, mail archiving) and streamline compliance for regular audits.</div>
<div>-Oversee IT project management and implement policies for disaster recovery (DR) and business continuity planning (BCP).</div>
<div> </div>
<div><strong>Qualifications & Certifications:</strong></div>
<div>-Bachelor’s/Master’s degree in IT, Computer Science, Electronics, MCA, MSc IT, MBA, or Diploma in IT.<br />
-Professional certifications: CISA, CISSP, or DISA (mandatory).</div>
<div><strong>Technical & Professional Expertise:</strong></div>
<div>-Proficiency in information systems, IT controls, cybersecurity risks, and complex IT networks/infrastructure.</div>
<div>-IT governance: Strategic planning, aligning IT with business needs, overseeing IT performance.</div>
<div>-Disaster recovery and business continuity management.</div>
<div>-Familiarity with cloud computing, AI, machine learning, and emerging technologies to drive digital transformation.</div>
<div>-IT risk management: Assess, evaluate, and manage IT risks, regulatory compliance, internal controls.</div>
<div> </div>
<div><strong>Experience Required:</strong></div>
<div>-10 years of relevant experience in IT roles (cybersecurity, networking, application security, etc.), with at least 5 years at a senior management level guiding/managing cybersecurity initiatives.</div>
<div>-Sector experience in mutual funds/financial services is preferred.</div>
<div> </div>
<div><strong>Essential Competencies & Attributes:</strong></div>
<div>Problem solving and analytical skills.</div>
<div>Strong interpersonal and persuasive skills.</div>
<div>Conflict management.</div>
<div>Good communication.</div>
<div>Ability to lead teams and deliver projects as per timelines.</div>
<div>Understanding stakeholder expectations and setting priorities.</div>
<div> </div>
<div><strong>Stakeholders:</strong></div>
<div>Internal: All employees</div>
<div>External: Vendors, service providers<br />
</div>