Job Description & How to Apply Below
If you are a CISM-certified leader with a background in the Trading and Securities industry and a passion for building security-first cultures, we want to hear from you.
Key Responsibilities
1. Governance, Risk & Compliance (GRC)
Strategy & Policy: Develop, maintain, and enforce cybersecurity policies, procedures, and standards aligned with business objectives.
Regulatory Compliance: Ensure strict adherence to relevant laws and regulations, specifically SEBI and NSE Regulations, as well as ISO 27001 standards.
Risk Management: Conduct enterprise-wide risk assessments, manage risk registers, and recommend appropriate mitigation strategies.
2. Security Program Leadership
Strategic Leadership: Lead the organization's information security program, ensuring alignment with overall business goals.
Audit Management: Coordinate and lead internal and external audits, including SOC 2 and ISO certifications.
BCMS: Oversee Business Continuity Management Systems (BCMS) per ISO 22301 guidelines.
3. Incident Response & Operations
Incident Management: Oversee the Incident Response Plan (IRP), leading efforts to detect, respond to, and recover from security breaches.
Monitoring: Collaborate with IT and SOC teams to ensure real-time monitoring and actionable threat intelligence.
4. Vendor & Third-Party Risk
Vendor Assessment: Assess security controls of third-party vendors and partners.
Procurement Collaboration: Work closely with procurement and legal teams to enforce secure vendor management practices.
5. Training & Culture
Awareness Programs: Develop and deliver comprehensive security awareness training across the organization.
Culture Building: Promote a proactive, security-first culture among all employees.
Qualifications & Requirements
Education & Certifications:
Required: Bachelor's degree in Computer Science, Information Security, or a related field.
Required: CISM (Certified Information Security Manager) certification.
Preferred: Additional certifications such as CISSP, CRISC, or CISA.
Experience:
8+ years of total experience in Information Security.
Minimum 2 years in a leadership or management role.
Industry Experience:
Prior experience in the Trading and Securities Industry is highly preferred.
Experience with ISO 27001 and ISO 22301 implementation and certification is a strong plus.
Technical Skills:
In-depth knowledge of cybersecurity principles, network security, and incident handling.
Hands-on experience with GRC (Governance, Risk & Compliance) tools.
Strong understanding of SEBI/NSE regulatory landscapes.
#Cyber Security #CISM #Info Sec #Risk Management #Mumbai Jobs #Trading And Securities #SEBI #ISO 27001 #Governance #Security Leadership