SR. Executive - Cyber Security

Key Responsibilities

• Ensuring regulatory compliance including compliance with SEBI Regulations, IT Act etc.
• Carry out Risk Assessment for cloud or on-premise applications.
• Review of configuration, hardening of IT system as per CIS benchmarking.
• Review of IT & Cyber Security policies and related standards/procedures for identifying potential risk areas to focus on.
• Lead security risk assessments, vulnerability scanning, and threat modeling across systems, databases, and applications; identify mitigation strategies and oversee remediation
• Handle security operations, investigate security incidents and conclude investigation.
• Manage compliance and audits, facilitating internal/external reviews, regulatory reporting, and adherence to standards like ISO 27001, NIST, and data protection laws.
• Prepare presentations for various committees to place the key risks and controls for management review.
• Assist in implementation and maintaining the cyber & technology risk framework to identify, assess, mitigate, and monitor key risks.
• Securing IT systems by establishing and enforcing policies; defining and monitoring access.
• Collaborate with Business risk team, Enterprise risk team for aligning information security risk with business risk/enterprise risk.
• Contributing to Information Security policy updates.
• Training and awareness for staff on network and information security procedures.
• Ensure role ownership and role functionalities are in line with the Information security.
• Remediation and closure of findings identified during risk assessment.

Qualifications and Skills:

Education: Engineering or IT Graduate.

Experience: 5-6 years exp in Information Security.

Technical Skill: Audit, SEBI regulations, SIEM, VAPT, DLP, TPRM

Soft Skill: Strong coordination, communication for stakeholder engagement, and ability to manage priorities in regulated environments.

Any certification like CISM, ISO27001, etc. is added advantage.