Cyber Information Security Officer - Bank

Cyber Information Security Officer (CISO) - (Co-Operative Bank)

Job Title : Cyber Information Security Officer (CISO)

Location : Ahmedabad

CTC : 22-25 Lacs

Experience : Minimum 10 years of experience with recent 5 years as CISO, preferably in the banking industry, with expertise in RBI's cyber security framework, ISO 27001/ 22301 standard, etc.

Qualifications required : Certified Information System Auditor (CISA) or Certified Information System Security Professional (CISSP)

CISO Job Role :

Governance :

- Overall responsible for leading the information and cyber security initiatives of the bank. Create, update and maintain the bank's information and cyber security policy, strategy and framework. Alignment of information security with business strategy to support organizational objectives

- Review the performance of the Information & Cyber security program and report it to the management through various committees (weekly, IT committee, and Audit committee) through presentations/ status reports, etc.

- Submission of office note to the board of directors for quarterly cyber security posture review as per RBI guidelines

- Responsible for overall information security, business continuity, and cyber security governance by overseeing below listed (but not limited to) activities: - Policy review, revision, communication, and enforcement -

Overseeing the management of technical vulnerabilities and threats :

- Review the effectiveness of implemented controls, and procedures Internal & External audits are planned, executed, and concluded with minimum noncompliance. Closure of internal and external audits is done as per the stipulated timeline. Ensuring continuity of ISO 27001 (Information security management system-ISMS & ISO 22301 (Business continuity management system-BCMS) certificates

- Ensuring external IS audits concluded with the least number of major nonconformity and submit compliance in a timely manner in coordination with process owners, HOD - Develop & strengthens the culture of information and cyber security through periodical awareness and assessments amongst staff members including top management, customers, and vendors. Overseeing phishing simulation activities

- Participate in product/ solution/ service evaluation specific to information and cyber security matters and provide recommendations

- Define the internal and external audit scope and audit criteria in line with regulatory and legal requirements and present them to the committee for approval

- Participate in the selection process of external audit agencies on a yearly/ two-yearly basis from requirement drafting, and communication to issuing and execution of audit assignment

- Management of the performance of information & cyber security by measuring, monitoring, and reporting information/cyber security governance metrics to ensure that organizational objectives are achieved

- Managing contracts, SLAs, and other terms with outsourced service providers along with their post-onboarding verification i.e. performance evaluation. Collecting compliance artifacts from third parties

- Overall supervision of information & cyber security team's departmental activities and ensuring competence/ skill set within the team by nominating person resources to various training/ webinars/ awareness sessions in coordination with HR

- Maintain CISO function SOP/ Manual and relevant documents

Risk :

- Define risk management and BIA (Business Impact Analysis) framework to identify, assess, mitigate, and overall information and cyber security risk with its impacts considering the baselines from different internal and external contexts, regulatory requirement change/ addition, change in the threat landscape, the incident happened outside, the result of audit and security assessment

- Identification of information and cyber security risks and severity-based reporting to the process owner, HOD, various committees, and board with recommendations on mitigation

- Carry out information and cyber security risk assessment, maintain records & reporting with the recommendation of risk treatment

Compliance :

- Responsible for carrying out gap assessment and ensuring adherence and compliance with the information and cyber security requirements for:

- RBI cyber security framework for UCBs circular requirements

- Alerts and advisories specific to information & cyber security audits including submission and reporting to them.

- Responsible for taking, and coordinating action on any letter issued by the regulatory authority on non-compliance with information and cyber security measures

- Act as a single point of contact to demonstrate compliance during RBI and their OSS, CSITE Cell, and ReBIT inspection. Timely submission of compliance response with suitable action against reported findings

- Coordination with HODs and other regulatory authorities like NPCI, PFRDA, SEBI/ NSDL for submission of compliance specific to information and cyber security

- Responsible for approving and submitting SWIFT customer security program KYC attestation

Cyber Security Specific Activities :

- Overseeing the CSOC (Cyber Security Operation Center) function and ensuring appropriate cyber incident response with collaborated approach including (but not limited to below)

- Review of C-SOC portal for cyber threat posture for the bank and ensure timely incident response against reported events/ incidents

- Timely blocking of indicators of compromise (IOC) is done against malware/ransomware/ phishing/ hacking/ cyber threat advisories, Notification and tracking action on vulnerability/ advisory/ alert

- Coordination, follow-up, and tracking with Paladion/Atos' s Cyber SOC team for device integration, use case reviews, monitoring, and relevant action

- Monthly review meeting with Paladion CSOC team

- Review daily monthly threat advisories, security digest, and plan relevant action after coordination with the IT & SOC team

- Participating in IDRBT CISO forum meeting for UCBs

- Participating in cyber drills organized by CSITE Cell-RBI, Cert-In, and IDRBT, identifying attack scenarios, methods, attacker IP, and submission of the report

- Overall responsible for digital risk protection services i.e. brand protection and dark/ deep/ surface web and cybercrime forum monitoring. (1) phishing website/ domain (2) rogue mobile apps and initiate takedown if it is found in suspicious activity (3) dark/ deep/ surface web and cybercrime forum for sensitive information like card details - and relevant action if any

- Coordination with IT, complaint department, cybercrime police, ATM department, branch managers, and legal and compliance departments for cybercrime/ cyber fraud-related matters

- Managing continuous VAPT/ web application security assessment for third-party applications. Managing VAPT/ application security assessment and code security review for in-house developed application - conducting the assessment, report submission, tracking it till closure, and reporting risks with recommendations

- Internal monitoring of antimalware solution, Network activities, etc., sending alerts/ notifications and initiating, coordination action/ response on it in coordination with IT/ reporter

- Action on threat intelligence received through Cert-In, US-Cert, VAPT provider, digital risk protection service, NCIIPC, IDRBT, and any other sources

- Server and network security control effective measurement and their internal audits"