Chief Information Security Officer - NBFC

Position: Chief Information Security Officer (CISO)

Location: Thrissur, Kerala, India

About the Role:

An established Non-Banking Financial Company (NBFC) headquartered in Thrissur, Kerala, is looking for an experienced and strategic Chief Information Security Officer (CISO). This role is responsible for setting and executing the vision, strategy, and program to protect all information assets and technologies within the organization. The ideal candidate will bring extensive expertise in cybersecurity, risk management, and regulatory compliance, with a strong focus on the financial services sector.

Key Responsibilities:

- Develop and implement comprehensive information security strategies, policies, standards, and procedures aligned with industry best practices and regulatory standards.

- Lead the creation and maintenance of robust security controls to protect all information assets, including networks, systems, applications, and data.

- Conduct regular risk and vulnerability assessments to identify and mitigate potential security threats.

- Establish incident response and business continuity plans for effective recovery from security incidents or breaches.

- Collaborate with IT, risk management, compliance, and legal teams to integrate security into all business processes.

- Stay updated on emerging security threats, industry trends, and technologies, advising on best practices and innovations.

- Oversee security awareness and training programs to ensure a culture of security throughout the organization.

- Act as the primary liaison for internal and external stakeholders, including regulatory agencies, auditors, and vendors, on all security matters.

- Regularly report to executive leadership and the board on the organization's information security posture and improvements.

Qualifications:

- Bachelor's or Master's degree in Computer Science, Information Technology, Cybersecurity, or a related discipline.

- 10-15 years of experience in information security, with a minimum of 5 years in a leadership role, preferably within the financial services sector.

- In-depth understanding of security frameworks and standards, such as ISO 27001, NIST Cybersecurity Framework, GDPR, and PCI DSS.

- Strong knowledge of networking, systems architecture, and cloud computing.

- Demonstrated experience in risk assessment, penetration testing, and security audits.

- Excellent communication skills to translate technical concepts for non-technical stakeholders.

- Relevant certifications (e.g., CISSP, CISM, CRISC) are highly preferred.

- Proven ability to lead security initiatives and deliver results in a dynamic environment.

Location: Thrissur, Kerala, India. Some travel may be required for meetings, conferences, or training.

Benefits:

- Competitive salary based on experience and qualifications.

- Health insurance coverage for employees and dependents.

- Retirement savings plan with employer contributions.

- Professional development support, including certification and education opportunities.

- Wellness programs and initiatives to promote work-life balance.

- This role is ideal for a cybersecurity leader passionate about developing and overseeing high-impact security programs in a fast-paced financial environment.