Cyber Security Manager

Job Purpose

To lead and manage the cyber security framework and operations of the company, ensuring confidentiality, integrity, and availability of IT systems and client data. The role will be crucial in implementing and maintaining regulatory, technical, and operational safeguards to counter cyber threats.

Key Responsibilities

1. Cyber Security Governance

Develop and implement information security policies, standards, and procedures in line with SEBI and RBI guidelines.

Lead internal and external cyber audits, regulatory inspections (SEBI, NSE, BSE, etc.).

2. Threat & Vulnerability Management

Conduct regular vulnerability assessments and penetration tests (VAPT).

Manage SIEM/SOC tools and ensure timely detection and mitigation of threats.

Lead incident response and forensic analysis for security breaches.

3. Infrastructure Security

Ensure secure configuration of networks, servers, cloud services, firewalls, and endpoints.

Implement and manage tools like EDR, DLP, NAC, IDS/IPS, PAM, and endpoint protection.

Regularly assess and harden infrastructure to prevent potential exploits.

4. Application & Data Security

Ensure secure software development lifecycle (SSDLC) practices.

Perform code reviews and application security testing for trading platforms and mobile/web apps.

Secure client data through encryption, access control, and secure APIs.

5. User Awareness & Access Management

Conduct security awareness training across departments.

Manage user identity and access control using IAM frameworks.

Monitor privileged access and enforce least privilege principle.

6. Regulatory & Compliance

Ensure compliance with SEBI Cyber Security & Cyber Resilience framework.

Prepare and submit periodic reports to regulators and management.

Stay updated with regulatory changes and cyber advisories.

Required Skills & Competencies

Strong knowledge of SEBI and RBI cybersecurity compliance requirements.

Hands-on experience in firewall, antivirus, DLP, SIEM, IDS/IPS, and VAPT tools.

Good understanding of OWASP Top 10, MITRE ATT&CK, and cyber threat frameworks.

Excellent analytical, problem-solving, and communication skills.

Experience in handling incidents, audits, and SOC operations.

Educational Qualifications

B.E. / B.Tech / MCA / M.Sc (IT or Computer Science)

Certifications preferred:

CISSP, CISM, CEH, ISO 27001 LA, or equivalent.

Preferred Experience

Prior experience in a stock broking company, stock exchange, or financial services (BFSI) domain is highly desirable.

Experience in managing cyber security operations in 24x7 trading environments