Website:
n53tech.com
Job details:
A growing NBFC is building its information security function from the ground up — with intent, not just compliance. This is a foundational hire for a professional who understands what it means to secure a regulated financial services organisation, and who is ready to own that responsibility — not assist someone else in doing it.
The person who joins here will grow with the organisation. As the business scales over the next two to three years, this role has a clear and deliberate path toward the senior-most security authority within the firm.
What the role owns:
- Information and cyber security strategy, governance, and policy — built for an NBFC operating under RBI oversight
- Full ownership of RBI Cyber Security Framework and RBI IT Framework for NBFCs — compliance, readiness, and regulatory inspection management
- SEBI cybersecurity circular compliance where applicable to the business
- AML / CFT technology controls — understanding of how anti-money laundering obligations translate into systems, monitoring, and controls
- Application, cloud, and infrastructure security — embedded into development and operations, not reviewed after the fact
- Vulnerability management, VAPT, penetration testing governance
- IAM and PAM frameworks — access governance, least privilege, periodic reviews
- Incident detection, response, and cyber crisis management — you lead, not report to someone who leads
- Third-party and outsourcing security governance as per RBI IT outsourcing guidelines
- CERT-In compliance and regulatory reporting obligations
- Security awareness and capability building across the organisation
What we're looking for:
- 8–12 years of experience in information security or cyber security — with meaningful, in-house tenure inside a bank, NBFC, or regulated financial services firm
- Technology is your foundation: you understand infrastructure, cloud, and application security at a working level — not just policy and audit
- Deep, working familiarity with RBI Cyber Security Framework, RBI IT Framework for NBFCs, SEBI cybersecurity directives, and AML/CFT control obligations — you have operated under these, not just read about them
- You have managed or contributed directly to RBI inspections, IS audits, or regulatory engagements — and know what examiners actually look for
- You have responded to live security incidents — you know the difference between a runbook and a real crisis
- Certifications such as CISM, CISSP, CRISC, or CEH are valued