Chief Information Security Officer

Job Title: Chief Information Security Officer (CISO)

• Security Strategy Development

  : Develop and implement a comprehensive information security strategy that aligns with the overall business objectives of the HFC.

• Risk Management

  : Identify, assess, and prioritize information security risks and develop mitigation strategies to address vulnerabilities.

• Policy and Compliance

  : Establish and enforce security policies, standards, and procedures to ensure compliance with industry regulations (e.g., RBI guidelines, GDPR).

• Incident Response

  : Develop and manage an incident response plan, including the identification, containment, and remediation of security incidents.

• Security Architecture

  : Oversee the design and implementation of security architecture across all technology platforms, ensuring robust protection of sensitive customer and financial data.

• Team Leadership

  : Build and lead a skilled information security team, fostering a culture of security awareness and continuous improvement.

• Stakeholder Engagement

  : Collaborate with other departments, including IT, legal, and compliance, to ensure a unified approach to information security.

• Monitoring and Reporting

  : Regularly assess and report on the effectiveness of the information security program to the executive team and board of directors.

• Training and Awareness

  : Develop and implement training programs to promote security awareness among employees and ensure adherence to security policies.

• Third-Party Management

  : Evaluate and monitor the security posture of third-party vendors and partners, ensuring they meet the organizations security requirements.

Qualifications:

• Education

  : Bachelors / masters degree in information technology, Cybersecurity, Computer Science, or a related field. A masters degree or relevant certifications (CISSP, CISM, CISA) is preferred.

• Experience

  : Minimum of 8 years of experience in information security, with at least 4 years in a leadership role, preferably within the financial services sector.

• Knowledge

  : Strong understanding of information security frameworks, risk management practices, and compliance requirements specific to HFCs.

• Technical Skills

  : Proficiency in security technologies (firewalls, intrusion detection systems, encryption) and familiarity with network protocols and infrastructure.

• Analytical Skills

  : Strong analytical and problem-solving skills, with the ability to assess complex security challenges and develop effective solutions.

• Communication

  : Excellent communication and interpersonal skills, with the ability to effectively convey security concepts to non-technical stakeholders.

Personal Attributes:

• Strong leadership and team-building skills.
• High ethical standards and a commitment to confidentiality.
• Ability to work in a fast-paced environment and adapt to changing priorities.