Security Engineer [InfoSec and Complianc...

Muthoot

1 - 5 years

Bengaluru

Posted: 27/06/2025

Job Description

Role Profile

Security Engineer [InfoSec and Compliance]

May 2025

ROLE SPECIFICATION

Role Title	Security Engineer [Infosec and Compliance]
Employee Interviewed
Reports To	HEAD OF TECHNOLOGY
Company	MFL ONE
Function/Department	Engineering
Location	Bangalore
Written By	Bhuvaneswaran S
Approved By (Functional)	MURALIDHAR NAYAK
Approved By (People & Culture)	Bhuvaneswaran S
Date (Written On)	May 2025

ROLE SUMMARY (PURPOSE)

We are looking for an experienced Information Security and Compliance Engineer to design and enforce policies and procedures that protect MFL customers’ data from security breaches. You will be responsible for implementing policies and procedures aligned with standards, frameworks, and regulations, including RBI guidelines for NBFCs.

ORGANIZATIONAL CHART

KEY RESPONSIBILITIES

Conduct internal audits and risk assessments to ensure compliance and improve ISMS of the organization as per industry standards.
Develop, implement, and improve security policies, processes, and procedures.
Monitor regulatory changes, manage compliance audits, and prepare reports for management and regulators.
Provide training and guidance on compliance policies and best practices.
Identify and mitigate risks across roles, software, and information categories.
Track KPIs, analyse ISMS performance, and enhance efficiency.
Respond to regulatory requests and ensure timely compliance reporting.

KEY INTERACTIONS

Internal Stakeholders

External Stakeholders

· Engineering / Software Development
· Cloud/DevOps Teams
· Cybersecurity
· IT Infra and Networks
· HR, People Ops
· Legal, Compliance
· Internal Audit team

External Audit Team
Regulators
Third Party Providers/Vendors
External VA PT

KEY SKILLS & BEHAVIOURAL ATTRIBUTES

Excellent problem-solving and analytical skills
Ability to educate a non-technical audience about various security measures
Effective verbal and written communication skills
Fluent in English (both written and spoken)

EDUCATION / EXPERIENCE

Degree in Computer Science, Information Security, Technology, Cybersecurity, or a related field.
Solid knowledge of various information security frameworks (e.g., ISO 27001, PCI DSS), GRC principles, and security domains [e.g., risk management, incident response, access control, etc.]
Experience participating in compliance audits, risk management and investigations
in the banking or NBFC industry.
In-depth knowledge of RBI IT regulations and their application to IT systems and
processes.
Excellent problem-solving and analytical skills
Ability to educate a non-technical audience about various security measures
Effective verbal and written communication skills; documentation and presentation skills.
Fluent in English (both written and spoken)

About Company

Muthoot Finance Ltd. is India’s largest Non-Banking Financial Company (NBFC) specializing in gold loans. Headquartered in Kochi, Kerala, the company offers a wide range of financial services including personal loans, insurance, money transfer, forex, and microfinance. Its core business is providing instant loans against gold jewellery, primarily serving the unbanked and underserved population across urban and rural India. With over 6,000 branches and a strong presence in international markets like the UAE, USA, and UK, Muthoot Finance is known for its deep-rooted trust, operational scale, and strong commitment to financial inclusion. The company is publicly listed and regulated by the Reserve Bank of India.

Security Engineer [InfoSec and Complianc...

Muthoot

Job Description

About Company

Services you might be interested in

One-Shot Campaign