Chief Information Security Officer

Oaklane Capital is looking for a seasoned and execution-oriented Chief Information Security Officer (CISO) to lead the cybersecurity, cyber resilience, information security governance, and regulatory cyber compliance framework in line with SEBI Cyber Security and Cyber Resilience Framework (CSCRF), SEBI Mutual Fund Regulations, and applicable cybersecurity and data protection laws.

The role requires a practical and control-oriented professional capable of building and overseeing cybersecurity architecture for a regulated mutual fund environment, including operational resilience, incident response, vendor security oversight, and cyber governance.

Key Responsibilities

• Lead and manage the AMC's cybersecurity and cyber resilience framework.
• Oversee cybersecurity governance across infrastructure, cloud, endpoints, applications, APIs, and critical operational systems.
• Establish and monitor controls relating to:
• SIEM/SOC
• Vulnerability management
• Data encryption
• Coordinate cybersecurity audits, VAPT exercises, remediation tracking, and regulatory cyber compliance.
• Lead cyber incident response, escalation, recovery, forensic coordination, and root-cause analysis.
• Oversee cybersecurity due diligence and monitoring of third-party vendors, cloud providers, and critical service providers.
• Establish cybersecurity awareness and training programs across the organization.
• Work closely with CEO, COO, Compliance, Risk, Operations, Trustees, auditors, and external cybersecurity partners.
• Ensure the Firm remains inspection-ready from a SEBI cybersecurity and operational resilience perspective.

Preferred Profile

• B.E./B.Tech / MCA / equivalent technology qualification.
• 5-10 years of relevant experience in cybersecurity, information security, SOC/SIEM environments, incident response, cyber governance, or financial sector technology security.
• Experience in working with regulated financial services environment will be preferred.
• Strong understanding of:
• Cybersecurity operations
• Cloud and endpoint security
• Incident response
• Vendor security
• Cyber resilience and business continuity