Cyber Security Manager (Risk & Governance)

You will be responsible for overseeing and managing risks associated with internal stakeholders, external vendors, suppliers, and partners engaged by the bank. Your critical role will ensure compliance with regulatory Risk Management guidelines, mitigate operational, financial, and cybersecurity risks, and safeguard the bank's reputation. You will work closely with internal stakeholders and external vendors to establish a robust risk management framework, conduct due diligence, and monitor ongoing compliance. - **Policy & Framework**: - Develop and review the Bank's Outsourcing/Third Party/Vendor Risk Management Framework and the Risk Assessment Templates. - Implement the framework in coordination with Internal and External Stakeholders. - **Risk Identification & Assessment**: - Identify and assess IT and cybersecurity risks across critical applications and infrastructure. - Highlight control gaps, suggest mitigation plans, and ensure compliance with internal and external standards. - **Risk Mitigation & Control**: - Develop and implement risk management policies and controls. - Align cybersecurity services with business needs to improve performance and adapt to evolving threats. - **Compliance & Regulatory Oversight**: - Ensure compliance with CERT-IN, ISO 27001, RBI, and other relevant standards. - Establish metrics to demonstrate the value and impact of cybersecurity initiatives. - **Risk Monitoring & Reporting**: - Monitor security posture and track risks. - Report key metrics and improve processes to enhance operational efficiency and service quality. - **Incident Response & Crisis Management**: - Lead response efforts, conduct root cause analysis, and ensure continuity during cybersecurity incidents. - **Incident Management**: - Conduct audits and threat assessments to detect violations and inefficiencies. - Stay updated on emerging threats and technologies to strengthen cybersecurity posture. - **Reporting & Communication**: - Create clear reports on system performance and incidents. - Provide risk-based recommendations to guide business decisions. - **Third-Party Risk Management**: - Evaluate and manage vendor risks. - Integrate cybersecurity practices into business operations to support strategic objectives. You will need to have a minimum of 6+ years of experience in an IT-related area, of which 3+ years should be in the Cyber Security/Information Security domain. Your educational qualification should be a B.Tech / B.E / MCA / M.Sc (IT or Cyber Security related specialisations) / BCA / B.Sc (IT or Cyber Security related specialisations) from a recognized University with a minimum score of 50% or equivalent qualifications. Please note that the place of posting for this role will be Ernakulam/Bangalore, and you may be liable for transfer anywhere in India at the sole discretion of the Bank.,