Head Infosec
Share
Job Location:
Monthly Salary:
Posted on:
2 days ago
Vacancies:
1 Vacancy
Job Summary
Job Description:-
Head Information Security / CISO
Experience: 7 10 years
Role Overview
We are a digital-first NBFC being built from the ground up. As we prepare for go-live we are looking for a
hands-on Information Security Leader to establish and manage the companys cybersecurity data protection
and IT governance framework.
This role will be responsible for designing implementing and continuously improving the organizations
security posture across infrastructure applications cloud data and third-party ecosystems - in alignment
with RBI guidelines and industry best practices.
This is an execution-oriented role suited for a high-potential professional who can build security architecture
from scratch in a fast-paced environment.
Key Responsibilities
1. Security Framework & Governance
Establish and implement the Information Security Policy framework in line with RBI IT Governance Directions.
Develop and maintain policies covering:
Access control
Data protection & encryption
Incident response
Vulnerability management
Third-party security
Implement a structured risk assessment and control testing framework.
2. Cloud & Infrastructure Security
Design secure architecture for cloud environments (AWS/Azure/GCP).
Implement:
IAM controls
Network segmentation
Encryption (at rest & in transit)
Secure DevOps practices
Ensure production environments are hardened and monitored.
3. Application & Product Security
Work closely with Product and Engineering teams to:
Integrate security-by-design
Conduct code reviews and vulnerability scans
Perform VAPT (Vulnerability Assessment & Penetration Testing)
Ensure secure API architecture and integration practices.
4. Regulatory & Compliance Alignment
Ensure adherence to:
RBI IT Governance Guidelines
Data localization requirements
KYC/AML data protection norms
Support RBI inspections and provide required documentation.
Maintain compliance audit readiness at all times.
Experience: 7 10 years
Role Overview
We are a digital-first NBFC being built from the ground up. As we prepare for go-live we are looking for a
hands-on Information Security Leader to establish and manage the companys cybersecurity data protection
and IT governance framework.
This role will be responsible for designing implementing and continuously improving the organizations
security posture across infrastructure applications cloud data and third-party ecosystems - in alignment
with RBI guidelines and industry best practices.
This is an execution-oriented role suited for a high-potential professional who can build security architecture
from scratch in a fast-paced environment.
Key Responsibilities
1. Security Framework & Governance
Establish and implement the Information Security Policy framework in line with RBI IT Governance Directions.
Develop and maintain policies covering:
Access control
Data protection & encryption
Incident response
Vulnerability management
Third-party security
Implement a structured risk assessment and control testing framework.
2. Cloud & Infrastructure Security
Design secure architecture for cloud environments (AWS/Azure/GCP).
Implement:
IAM controls
Network segmentation
Encryption (at rest & in transit)
Secure DevOps practices
Ensure production environments are hardened and monitored.
3. Application & Product Security
Work closely with Product and Engineering teams to:
Integrate security-by-design
Conduct code reviews and vulnerability scans
Perform VAPT (Vulnerability Assessment & Penetration Testing)
Ensure secure API architecture and integration practices.
4. Regulatory & Compliance Alignment
Ensure adherence to:
RBI IT Governance Guidelines
Data localization requirements
KYC/AML data protection norms
Support RBI inspections and provide required documentation.
Maintain compliance audit readiness at all times.
