Job Description

:
About the Role
This role will serves as a subject matter expert in cybersecurity risk review technical team in the banking industry. Banks cybersecurity risk reviewer candidate will be responsible for performing detailed risk assessments and architecture reviews, ensuring that security measures align with industry standards, regulatory requirements, and the banks business objectives. This role requires deep technical expertise, a risk-focused mindset, and the ability to design and evaluate secure system architectures.
Key Responsibilities
ISS Operation

• Perform a thorough review of the various functions/operations/applications being used by the bank in-line with Bank policy and regulatory requirement.
• Ensure compliance with information and cyber security controls in-line with various circulars and advisories issued by RBI, SEBI and Cert-In
• Coordinate with stakeholders to ensure timely response and closure of observations reported.
• Monitor and track observations and KRI w.r.t information and cyber security.
• Conduct periodic security review for application and systems hosting confidential and customer data.

Risk Assessment

• Conduct comprehensive risk assessments of IT systems, applications, and third-party integrations.
• Identify security vulnerabilities, assess threats, and evaluate potential business impacts.
• Develop risk mitigation strategies and provide actionable recommendations to stakeholders.
• Ensure compliance with regulatory requirements.

Security Architecture Review

• Assess the effectiveness of security controls within system designs, including network, data, and application layers.
• Perform architecture risk reviews of existing and proposed IT systems, applications, and cloud environments.
• Develop and recommend security solutions to address identified weaknesses or risks.
• Review and enhance secure design principles for new projects and systems.

Security Frameworks and Standards

• Align security architecture with established frameworks (e.g., NIST CSF, ISO 27001, PCI DSS, SOC2, MAS, HKMA).
• Ensure security by design is incorporated into the Software Development Lifecycle (SDLC).
• Evaluate compliance with security baselines, policies, and procedures.
• Well-versed in card data security and other regularity standards like NPCI/RBI/VISA/MasterCard
• General Knowledge of legal framework for Information Security and Data Protection

Collaboration and Stakeholder Engagement

• Work closely with cross-functional teams like IT, product, compliance, legal, IT, audit, finance, business and operation team to ensure security requirements are implemented effectively.
• Liaison with business team and technology team to carry business process, product and technology control review.
• Provide technical guidance on secure architecture best practices.
• Engage with external auditors, regulators, and third-party vendors as needed.

Reporting and Documentation

• Develop detailed architecture review reports, including identified risks and mitigation strategies.
• Drive regulatory compliance across business and technology
• Maintain documentation of security controls, architectures, and assessment methodologies.
• Present findings and recommendations to senior management and stakeholders.

Qualifications/ Experience
Optimal qualification for success on the job is:

• BE, B Tech, BSC-IT, MCA, BCA or other related field
• Qualifications like CISA, CISSP, CISM, CRISK, TOGAF Certified Architect, GIAC Certified Enterprise Defender (GCED) or GIAC Security Architecture (GDSA)

Skills:
Refer to the
About Company:
Axis Bank is the third largest private sector bank in India. The Bank offers the entire spectrum of financial services to customer segments covering Large and Mid-Corporates, MSME, Agriculture and Retail Businesses. The Bank has a large footprint of 4,594 domestic branches (including extension counters) with 11,333 ATMs & 5,710 cash recyclers spread across the country as on 31st March, 2021. The Bank has 6 Virtual Centres and has over 1500 Virtual Relationship Managers as on 31st March 2021.The Overseas operations of the Bank are spread over eight international offices with branches at Singapore, Dubai (at DIFC) and Gift City-IBU; representative offices at Dhaka, Dubai, Abu Dhabi, Sharjah and an Overseas subsidiary at London, UK. The international offices focus on Corporate Lending, Trade Finance, Syndication, Investment Banking and Liability Businesses