Job Description
The Lead Cyber Security Lead will be responsible for designing, implementing, and governing security controls driven by data privacy and governance requirements across the enterprise, in line with DPDPA, IRDAI, and internal cyber security policies. The role acts as a bridge between the DPO office, CISO organization, IT teams, and external vendors.
Key Responsibilities:
Develop, implement, and enforce data security and data privacy & governance policies, including encryption, access controls, data minimization, and retention.
Monitor and review implementation of privacy and security tools as recommended by the DPO team.
Coordinate with IT, Infra, Application, and Vendor teams to ensure timely resource allocation for implementing tools and other security requirements.
Review and validate cyber security and data protection clauses for third-party, vendor, and group business agreements.
Assess and govern data security controls to ensure alignment with enterprise data privacy objectives.
Represent Cyber Security in Group-level Data Privacy and Data Governance forums, initiating actions after review and approval by the CISO.
Oversee data protection strategies, ensuring security of data at rest and in transit and compliance with applicable privacy laws.
Lead integration of Data Privacy tools with SIEM, define monitoring use cases, alerts, and incident playbooks.
Support audits, regulatory reviews, and internal assurance activities related to data protection and privacy.
Requirements
Experience & Qualifications:
8+ years of experience in Information Security / Data Privacy, preferably in Banking, Financial Services, or Insurance.
Hands-on exposure to DPDPA, IRDAI guidelines, and security- and privacy-by-design implementation.
Strong experience in risk management, policy drafting, audit oversight, and vendor governance.
Bachelor's or Master's degree in Computer Science, Cybersecurity, Information Technology, or related discipline.
Industry certifications such as CISM, CISSP, CISA (preferred).