
CISO in Mumbai for a mid-sized NBFC
We are a leading, professionally managed Executive Search organization that identifies Senior Talent for our clients who are World-Renowned MNCs & Indian Enterprises across diverse verticals.
Our client is a mid-sized NBFC based in Mumbai.
Our client is seeking a highly accomplished CISO to lead the information security function from the company's head office.
Ideal candidates must demonstrate high initiative, ownership, and integrity and possess a strong entrepreneurial drive and vision.
Role Overview
The CISO will be responsible for establishing and driving the information security vision, strategy, and program to ensure the confidentiality, integrity, and availability of information assets, in alignment with RBI regulations and business objectives. This role will lead enterprise-wide cybersecurity initiatives, manage regulatory compliance, and strengthen resilience against emerging threats.
Key Responsibilities
- Define and implement an enterprise information security strategy, framework, and governance for the NBFC.
- Ensure compliance with RBI's Cyber Security Framework for NBFCs, ISO 27001, and other applicable regulations.
- Develop, maintain, and test incident response, business continuity, and disaster recovery plans.
- Lead cyber risk assessments, vulnerability management, and penetration testing initiatives.
- Oversee data security, encryption, and access control policies across all business units.
- Implement SOC (Security Operations Center) monitoring, threat intelligence, and proactive detection mechanisms.
- Manage vendor and third-party security risks; ensure secure cloud and fintech integrations.
- Build employee awareness and training programs on cyber hygiene and fraud prevention.
- Report regularly to the Board and Risk Committee on cyber posture, incidents, and mitigation plans.
- Lead the security team; collaborate with IT, compliance, risk management, and business stakeholders.
Candidate Profile
1. BE + MCA (or equivalent) with relevant certifications (CISM, CISSP, CISA, ISO 27001) with 12-12 years relevant experience and at least 5 years in NBFCs and mid/large Indian private sector banks or PSU banks.
2. Leadership as CISO: 3-5 years as CISO / Deputy CISO in an NBFC (- 1500+ Cr AUM) or in a mid-sized Indian/PSU bank.
3. Security Strategy & Policy Development: Active involvement in designing and rolling out IS strategies and policies per RBI/CERT-IN/ISO 27000/DPDP/IT Act.
4. IS Infrastructure: Track record of setting up IS infrastructure in NBFCs/Banks (- 2500+ Cr).
5. SOC & IT Security Operations: Hands-on experience in managing SOCs (SIEM, dashboards, response teams, MSSPs), BCP, firewalls, patching, and IT service monitoring.
6. IS Culture Building: Proven ability to create awareness and foster a strong IS culture across organizations.
7. Stakeholder & Regulatory Engagement: Direct experience dealing with Risk Committees, Boards, RBI, and CERT-IN.
The position will close in the next four weeks.
Our client offers an excellent salary and opportunities for career growth.
Kindly also provide the information below:
1. Name of Institute and Year of completing your BE or MCA:
2. Name of your current organization:
3. Size of your organization (AUM: - Cr):
4. Your current designation:
5. Your current KRAs:
6. Headcount of your current organization:
7. The number of branch locations of your organization:
8. Number of years of experience in IS:
9. Who do you report to?
10. Size of the team reporting to you:
11. Certifications acquired by you (e.g. CISM, CISSP, CISA, ISO 27001):
12. Annual budget managed by you (- Cr):
13. Your current gross annual CTC (Fixed + Variable):
15. Your expected gross annual CTC (Fixed + Variable):
16. Joining time if selected:
17. Your availability date/time for the interview:
18. Your current suburb of residence:
19. Your contact/mobile number:
20. Detail/s of major achievement/s in your career:
21. Details of Awards won:
22. Reason/s for seeking a change:
23. Total number of years in NBFCs: