Chief Information Security Officer

Position:

Location:

Type:

Required Qualification:

Required Experience:

About the Company:

Digamber Capfin Limited started in the magnificent land of Rajasthan, Jaipur in 1995 with a sole mission to empower rural Indian minds with a range of financial services is today one of the leading providers of MFI Loans in the state with over 209 branches and more than 1763 employees working every day to enable the rural population to succeed and grow, we are striving to make a change in the society.

Having focused to serve the underprivileged who live in remote villages and who don’t have access to formal credit, Digamber Finance choose to lend a helping hand to ambitious entrepreneurs who aspire to achieve big in life.

Today with a strong presence in 8 states and over 90 districts, and giving smiles to over 1 million happy faces Digamber Finance offers a wide range of microfinance solutions like agricultural loans, small business loans, dairy farm loans etc.

About the Role:

tech-first financial institution

strategic and operational

Key Responsibilities:

Security Governance & Strategy

• Define a 2–3 year information security roadmap aligned with RBI/NBFC guidelines.
• Draft and implement security policies covering endpoint security, IAM, vendor risk management, and incident response.
• Establish and run the organization’s Governance, Risk, and Compliance (GRC) framework.

Regulatory & Compliance

• Lead RBI cyber security compliance, including evidence preparation and audit closure.
• Coordinate with external auditors and regulators.
• Ensure all security initiatives meet or exceed regulatory requirements.

Security Operations (Hands-On)

• Set up and configure SIEM/SOC monitoring in collaboration with vendors or MSSPs.
• Oversee and execute endpoint security rollout (EDR/antivirus, encryption, patching).
• Manage incident detection, response, and reporting.

Identity & Access Management (IAM)

• Implement MFA, privileged access controls, and quarterly access reviews.
• Work with IT to automate user provisioning and deprovisioning.

Vendor & Outsourced Service Security

• Evaluate and approve vendor security posture (e.g., M2P LMS, cloud services).
• Integrate security clauses and SLAs into vendor contracts.
• Monitor vendor performance and compliance.

Awareness & Training

• Launch company-wide security awareness programs and phishing simulations.
• Build a culture of security across 700+ employees.

Requirements:

• Proven track record of building or maturing a security program from low maturity.
• Hands-on experience with: SIEM, Endpoint protection & patch management, IAM solutions, Vulnerability scanning & remediation
• Strong understanding of RBI regulations for NBFCs.
• Experience managing outsourced SOC/MSSP and IT vendors.
• Excellent communication skills — able to work with executives and train non-technical staff.