Job Title

Role OverviewThe Chief Information Security Officer (CISO) will be responsible for defining and executing the enterprise-wide information security strategy for a mid-sized NBFC, ensuring regulatory compliance, cyber resilience, and alignment with business growth objectives.Reporting & StructureReports to: CRO / MDLeads: Information Security, SOC, Risk & Compliance teamsKey Responsibilities1. Security Strategy & GovernanceDefine and independently lead enterprise information security strategyAlign with RBI, CERT-In, ISO 27001, DPDP Act, IT ActTranslate security into business risk frameworks2. Regulatory & Board EngagementInterface with:Board & Risk CommitteeRBI / CERT-InLead audits, regulatory reviews, and compliance programs3. Security Infrastructure & TransformationBuild/scale end-to-end security architectureSet up or enhance SOC (SIEM, XDR, MSSPs, dashboards)Drive cloud, network, endpoint, and data security4. Risk & Incident ManagementEstablish enterprise-wide cyber risk frameworkLead incident response, BCP, and resilience planning5. Security OperationsOversee:Firewalls, patching, monitoringThreat detection and responseManage vendor ecosystem (MSSPs, OEMs)6. Culture & AwarenessBuild a security-first cultureDrive enterprise-wide awareness and training7. Leadership & Stakeholder ManagementLead high-performing IS teamsAlign security with business growth & AUM expansionCandidate ProfileBE/MCA12–22 years total experience8–10+ years in IT/Information Security8–10+ years in Banking/NBFC (Indian ecosystem)3–5+ years as CISO / D-CISO / Security HeadExperience in ₹300–2000+ Cr AUM environmentCertifications: CISM / CISSP / ISO 27001 / CISALocation: Mumbai / Pune preferred