Cyber Security Tech Information Security Officer-SIDBI

Designation: Cyber Security Tech Information Security Officer (CTISO)

This role ensures robust protection of information assets, regulatory adherence, and resilience against cyber threats.

Number of Positions:

Type of the Post:

Place of Posting:

Age Limit:

Educational Qualification:

Professional Qualification:

Experience:

1. Minimum 10 years of experience in information security, IT Security, cloud security, multilayer security, zero trust architecture and virtualization.
2. Over 10 years of hands-on experience in security systems, including network security, endpoint security, cloud security, log management, access controls, DAM, PAM/PIM etc.
3. Minimum 5 years of experience in handling 24/7 CSOC Operations covering below aspects

- Threat intelligence and cyber incident analysis.
- Incident response principles, tools, and techniques.- Cybersecurity policies, compliance, and governance frameworks.- Use case development, review and corelation of logs for IOCs/IOAs\

Competency:

1. Proficient in translating regulators and compliance requirements into actionable policies, control implementation and defining procedural guidelines.
2. Ability to benchmark and improve Cyber Security posture of the Bank
3. Partner with all internal teams/external entities to address and enhance Cyber posture of the bank
4. Familiarity with Indian banking regulations (RBI Master Directions, DPDP Act, CERT-In).
5. Expertise in risk management, incident response, and security architecture.
6. Excellent communication and stakeholder management skills.
7. Leadership ability to manage cross-functional teams.

Role responsibilities:

Reporting: Reports to CISO

1. Act as a deputy CISO focusing on Cyber/Tech control management. Monitoring and compliance.
2. Play the role of operational enabler, ensuring the organization's cyber defenses are resilient, adaptive, and intelligence driven.
3. Communicate complex cyber risks in business-impact language to executives.

Key responsibilities:

1. Lead during major security incidents, coordinate technical and executive response. Manage incident response lifecycle: detection, containment, eradication, and recovery.
2. Coordinate technical support and track security incidents end-to-end.
3. Oversee forensic investigations and evidence collection during security incidents.
4. Ensure timely remediation of identified risks and compliance gaps.
5. Monitor adherence to RBI guidelines, DPDP Act, CERT-In directives, UIDAI mandates, and other applicable laws.
6. Prepare compliance reports for senior management and regulatory bodies. Supervise Cyber Security Operations Center (CSOC) activities, including incident detection, response, and recovery.
7. Coordinate with IT teams for patch management and secure configurations.
8. Act as second-in-command to CISO, representing the function in internal and external forums.
9. Develop and maintain SOC playbooks, policies, and compliance.
10. Advise senior leadership on cybersecurity posture.
11. Manage budgets, contracts, and vendor/outsourcing/third-party.
12. Engineer, implement and monitor security measures for the protection of computer systems, networks and information
13. Identify and define system security requirements, design Cyber security architecture and develop detailed designs
14. Prepare and document standard operating procedures.
15. Develop technical solutions and new security tools to help mitigate security vulnerabilities and automate repeatable tasks
16. Write comprehensive reports including assessment-based findings, outcomes and propositions for further security enhancement
17. Monitor emerging threats and recommend mitigation strategies.
18. Manage implementation and operation of security technologies.
19. Any other work, in expertise and in the interest of the Bank as advised from time-to-time.