Job Title: Chief Information Security Officer (CISO)
Location: Mumbai
Reporting To: CEO
Department: IT

 

Role Overview:
The CISO is responsible for ensuring information security by protecting the organization's assets, applications, systems, and technology while enabling and advancing business objectives.

 

-Develop and implement secure processes and systems to prevent, detect, mitigate, and recover from cyberattacks.

-Build and drive cybersecurity strategy, framework, and initiatives to secure the organization's cyber and technology assets.

-Continuously evaluate and manage the organization's cyber and technology risk posture.

-Lead ongoing security awareness training and education for users.

-Design and implement disaster recovery protocols and business continuity plans for business resilience.

-Ensure compliance with regulatory requirements for cybersecurity (e.g., SEBI circulars), update policies, and facilitate successful IT audits.

-Implement and manage cyber governance, risk, and compliance (GRC) processes.

-Oversee backup, database management, system management (server monitoring, proactive alerts), and business application support.

-Identify opportunities for automation and cost reduction within IT operations.

-Lead technology risk management in collaboration with business leaders.

-Develop and retain healthy relationships with vendors and service providers.

-Monitor technical requirements (e.g., telephone recording, mail archiving) and streamline compliance for regular audits.

-Oversee IT project management and implement policies for disaster recovery (DR) and business continuity planning (BCP).

 

-Bachelor’s/Master’s degree in IT, Computer Science, Electronics, MCA, MSc IT, MBA, or Diploma in IT.
-Professional certifications: CISA, CISSP, or DISA (mandatory).

Technical & Professional Expertise:

-Proficiency in information systems, IT controls, cybersecurity risks, and complex IT networks/infrastructure.

-IT governance: Strategic planning, aligning IT with business needs, overseeing IT performance.

-Disaster recovery and business continuity management.

-Familiarity with cloud computing, AI, machine learning, and emerging technologies to drive digital transformation.

-IT risk management: Assess, evaluate, and manage IT risks, regulatory compliance, internal controls.

 

-10 years of relevant experience in IT roles (cybersecurity, networking, application security, etc.), with at least 5 years at a senior management level guiding/managing cyber security initiatives.

-Sector experience in mutual funds/financial services is preferred.

 

Problem solving and analytical skills.

Strong interpersonal and persuasive skills.

Conflict management.

Good communication.

Ability to lead teams and deliver projects as per timelines.

Understanding stakeholder expectations and setting priorities.

 

Internal: All employees

External: Vendors, service providers