Deputy Chief Information Security Officer

As the Deputy Chief Information Security Officer (Deputy CISO) in the Banking & Financial Services industry based in Kolkata, India, with over 10 years of experience in Information Security, Cybersecurity, or related fields, your role will encompass a wide range of strategic, risk management, incident response, technology implementation, leadership, and training responsibilities. **Key Responsibilities:** - **Strategic Security Management:** - Assist the CISO in defining and implementing the bank's cybersecurity strategy. - Ensure alignment with regulatory guidelines (RBI, SEBI, CERT-In, etc.) and global security standards (ISO 27001, NIST, PCI-DSS). - Develop and maintain bank-wide security policies, procedures, and frameworks. - **Risk Management & Compliance:** - Conduct risk assessments, vulnerability testing, and penetration testing. - Oversee security audits and regulatory compliance to mitigate cyber threats. - Lead the third-party risk management process for vendor security evaluations. - Ensure adherence to RBI cybersecurity framework and banking industry security regulations. - **Incident Response & Threat Management:** - Lead the Security Operations Center (SOC) team to monitor, detect, and respond to security incidents. - Develop incident response plans and coordinate cyber drills. - Work with law enforcement and regulators in case of security breaches. - **Technology & Security Implementation:** - Deploy and manage firewalls, IDS/IPS, endpoint security, and encryption tools. - Evaluate and implement new security technologies (SIEM, SOAR, Zero Trust Architecture). - Ensure secure cloud computing, mobile banking security, and fraud prevention. - **Leadership & Training:** - Provide cybersecurity awareness training for employees and stakeholders. - Manage and mentor the security team to improve security posture. - Collaborate with IT, risk, compliance, and legal teams to strengthen cybersecurity governance. **Qualifications & Skills:** - **Educational Requirements:** - Bachelors/Masters degree in Cybersecurity, Computer Science, Information Technology, or related fields. - Additional certifications such as CISSP, CISM, CISA, CEH, CRISC are preferred. - **Technical & Functional Expertise:** - Strong understanding of banking security regulations, digital banking risks, and fraud detection. - Experience with SIEM, endpoint security, IAM, DLP, and cloud security solutions. - Knowledge of network security, encryption, and secure software development. - **Soft Skills:** - Strong leadership and stakeholder management skills. - Ability to handle high-pressure security incidents. - Excellent communication and decision-making abilities. As the Deputy Chief Information Security Officer (Deputy CISO) in the Banking & Financial Services industry based in Kolkata, India, with over 10 years of experience in Information Security, Cybersecurity, or related fields, your role will encompass a wide range of strategic, risk management, incident response, technology implementation, leadership, and training responsibilities. **Key Responsibilities:** - **Strategic Security Management:** - Assist the CISO in defining and implementing the bank's cybersecurity strategy. - Ensure alignment with regulatory guidelines (RBI, SEBI, CERT-In, etc.) and global security standards (ISO 27001, NIST, PCI-DSS). - Develop and maintain bank-wide security policies, procedures, and frameworks. - **Risk Management & Compliance:** - Conduct risk assessments, vulnerability testing, and penetration testing. - Oversee security audits and regulatory compliance to mitigate cyber threats. - Lead the third-party risk management process for vendor security evaluations. - Ensure adherence to RBI cybersecurity framework and banking industry security regulations. - **Incident Response & Threat Management:** - Lead the Security Operations Center (SOC) team to monitor, detect, and respond to security incidents. - Develop incident response plans and coordinate cyber drills. - Work with law enforcement and regulators in case of security breaches. - **Technology & Security Implementation:** - Deploy and manage firewalls, IDS/IPS, endpoint security, and encryption tools. - Evaluate and implement new security technologies (SIEM, SOAR, Zero Trust Architecture). - Ensure secure cloud computing, mobile banking security, and fraud prevention. - **Leadership & Training:** - Provide cybersecurity awareness training for employees and stakeholders. - Manage and mentor the security team to improve security posture. - Collaborate with IT, risk, compliance, and legal teams to strengthen cybersecurity governance. **Qualifications & Skills:** - **Educational Requirements:** - Bachelors/Masters degree in Cybersecurity, Computer Science, Information Technology, or related fields. - Additional certifications such as CISSP, CISM, CISA, CEH, CRISC are preferred. - **Technical