Cyber Security - Information Security Officer

As a highly experienced Information Security professional, you will be responsible for the following key responsibilities: Role Overview: You will be required to develop and execute a comprehensive information security strategy aligned with business objectives and growth trajectory. This includes establishing and maintaining an enterprise-wide information security governance framework, policies, standards, and procedures. Furthermore, you will build and lead a security vertical capable of supporting distributed operations across 38,000+ villages. You will also own the security budget and ensure optimal resource allocation for maximum risk reduction. Key Responsibilities: - Design and implement a robust risk management framework for identifying, assessing, and mitigating information security risks - Ensure compliance with RBI cybersecurity guidelines for NBFCs and digital lending regulations - Maintain compliance with IRDAI requirements for insurance distribution and data protection - Oversee compliance with IT Act 2000, Digital Personal Data Protection Act (DPDPA) 2023, and other relevant Indian regulations - Conduct regular security risk assessments and present findings to senior management and board - Design secure technology architecture for the digital lending platform, mobile applications, and franchise management systems - Implement and oversee security operations center (SOC) capabilities including monitoring, incident detection, and response - Establish robust identity and access management (IAM) frameworks for employees, franchise partners, and customers - Secure data infrastructure including customer KYC data, financial records, and transaction information - Implement data loss prevention (DLP), encryption, and data classification programs - Develop and implement comprehensive fraud detection and prevention strategies for lending and insurance operations - Establish controls to prevent identity theft, application fraud, and account takeover across digital channels - Implement transaction monitoring and anomaly detection systems - Build fraud awareness programs for Branches and franchise network - Manage communication protocols for security incidents including customer notification and regulatory reporting Qualifications Required: - Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or related field (Master's degree preferred) - CISA, CEH, CGEIT, CRISC, or cloud security certifications - 12+ years of progressive experience in information security, with at least 5 years in leadership roles - Experience in financial services, fintech, or NBFC environment strongly preferred - Expertise in cloud security (AWS, Azure, GCP) - Familiarity with fraud detection systems and machine learning for security - Demonstrable working knowledge of data privacy principles and data protection techniques About the Company: Our client is Indias first household-centric, data-led 'high-tech, high-touch distribution platform catering to rural India's financial and productivity needs. They view rural households as cohesive economic units and leverage technology and data to empower their on-ground presence effectively. As a highly experienced Information Security professional, you will be responsible for the following key responsibilities: Role Overview: You will be required to develop and execute a comprehensive information security strategy aligned with business objectives and growth trajectory. This includes establishing and maintaining an enterprise-wide information security governance framework, policies, standards, and procedures. Furthermore, you will build and lead a security vertical capable of supporting distributed operations across 38,000+ villages. You will also own the security budget and ensure optimal resource allocation for maximum risk reduction. Key Responsibilities: - Design and implement a robust risk management framework for identifying, assessing, and mitigating information security risks - Ensure compliance with RBI cybersecurity guidelines for NBFCs and digital lending regulations - Maintain compliance with IRDAI requirements for insurance distribution and data protection - Oversee compliance with IT Act 2000, Digital Personal Data Protection Act (DPDPA) 2023, and other relevant Indian regulations - Conduct regular security risk assessments and present findings to senior management and board - Design secure technology architecture for the digital lending platform, mobile applications, and franchise management systems - Implement and oversee security operations center (SOC) capabilities including monitoring, incident detection, and response - Establish robust identity and access management (IAM) frameworks for employees, franchise partners, and customers - Secure data infrastructure including customer KYC data, financial records, and transaction information - Implement data loss prevention (DLP), encryption, and data classification programs - Develop and implement