1,433 Chief Information Security Officer jobs in India

The next frontier of AI begins with Centific

Centific is a Seattle-based tech company pioneering the future of AI one breakthrough at a time. Learn how we’re transforming the world through safe and scalable AI and empowering businesses to unlock the full potential of their data.

Domain: AI Platform & Data Foundry | Sectors: Healthcare, Public Sector, Retail

Position Summary

The Chief Information Security Officer (CISO) is responsible for leading the security, privacy, and compliance strategy across a cutting-edge AI platform and data foundry product suite. This role is critical in ensuring secure AI development and deployment across regulated industries such as healthcare, public services, and retail, where data sensitivity, ethical AI use, and regulatory compliance are paramount.

Key Responsibilities

Security Strategy & Architecture

• Define and execute a comprehensive security strategy aligned with business goals, product architecture, and sector-specific regulatory requirements.
• Lead the design and implementation of secure-by-design principles across AI pipelines, including RAG, RLHF, HITL, and red teaming modules.

Governance & Risk Management

• Establish and maintain governance frameworks for AI model lifecycle management, including auditability, explainability, and safety scoring.
• Conduct regular risk assessments and threat modeling, particularly for AI-specific threats such as data poisoning and adversarial attacks.

Incident Response & Resilience

• Develop and lead the enterprise-wide incident response program, including detection, containment, investigation, and recovery.
• Coordinate cross-functional response to security incidents and ensure continuous improvement through post-incident reviews and simulations.

Compliance & Regulatory Alignment

• Ensure compliance with global and sector-specific regulations, including HIPAA, HITECH, GDPR, CCPA, PCI-DSS, FedRAMP, and the EU AI Act.
• Lead certification and audit readiness efforts (e.g., ISO 27001, SOC 2, HITRUST).

Sector-Specific Security Oversight

• Healthcare: Secure PHI/PII in AI-driven diagnostics, imaging, and patient engagement systems.
• Public Sector: Align with NIST 800-53 and FedRAMP for civic AI deployments and law enforcement use cases.
• Retail: Protect customer data used in personalization, sentiment analysis, and recommendation engines.

Security Awareness & Culture

• Champion a security-first culture through training, awareness campaigns, and executive engagement.
• Develop role-based security education programs tailored to engineering, product, and business teams.

Customer & Partner Trust

• Serve as the executive voice on security in customer engagements, RFPs, and co-sell partnerships.
• Lead responses to customer security questionnaires and ensure transparency in data handling practices.

Operational Excellence

• Build and manage a centralized Command Control Center for real-time monitoring of AI systems, infrastructure, and compliance metrics.
• Continuously improve security operations through automation, analytics, and threat intelligence integration.

Qualifications

• 10+ years in cybersecurity leadership, with 3+ years in AI/ML or data platform environments.
• Proven experience securing AI systems in healthcare, public sector, or retail domains.
• Deep understanding of cloud-native architectures (AWS, Azure, GCP), DevSecOps, and infrastructure-as-code.
• Strong knowledge of regulatory frameworks: HIPAA, GDPR, CCPA, NIST, FedRAMP, PCI-DSS.
• Certifications such as CISSP, CISM, CCSP, or emerging AI governance credentials are preferred.

Preferred Attributes

• Experience with AI-specific compliance frameworks and ethical AI principles.
• Familiarity with data marketplaces, synthetic data generation, and human-in-the-loop (HITL) systems.
• Ability to influence executive stakeholders and shape product security strategy in a fast-paced, innovation-driven environment.

POSITION SUMMARY:

The incumbent will lead the organization’s cybersecurity function, overseeing threat monitoring, risk assessment, data protection, and incident response. Responsibilities include designing secure IT architectures, governing identity and access controls, implementing risk-mitigation programs, conducting investigations, and ensuring compliance through effective governance.

KEY ACCOUNTABILITIES/ KEY RESPONSIBILITIES:

Security Operations & Incident Response:
Oversee a robust Security Operations Center (SOC) functionality, potentially outsourced or augmented by automation, to provide real-time monitoring and analysis of immediate cyber threats targeting the organization's systems and data.
Develop and implement incident response plans, encompassing procedures for timely detection, containment, eradication, and recovery from security breaches or data loss events.
Lead and coordinate effective responses to security incidents, minimizing downtime and mitigating potential financial and reputational damage to the organization and its clients.
Cyber Risk Management & Intelligence:
Proactively identify, assess, and mitigate information security risks across the entire IT ecosystem and business processes, including evaluating the risks associated with emerging technologies and digital transformation initiatives.
Stay abreast of the evolving cyber threat landscape, including targeted attacks, ransomware, and insider threats, and translate complex technical risks into understandable insights for the leadership team and board of directors.
Develop and maintain a comprehensive risk management framework, incorporating robust risk assessments, vulnerability management, and continuous monitoring to strengthen the organization's security posture.
Data Loss & Fraud Prevention:
Implement and enforce data protection policies and controls to prevent unauthorized access, misuse, or exfiltration of sensitive client information and organizational data, whether from external sources or internal staff.
Employ advanced anti-fraud and anomaly detection systems, including transaction monitoring and behavioral pattern analysis, to safeguard financial assets and preserve client trust.
Security Architecture & Engineering:
Lead the planning, selection, and implementation of security hardware and software solutions, including designing secure network and IT infrastructure aligned with industry best practices and regulatory compliance.
Develop and maintain a robust and scalable security architecture that supports the organization's digital transformation initiatives and ensures the security of its expanding digital footprint.
Regularly review and update security systems to ensure their effectiveness against evolving threats and vulnerabilities, prioritizing a proactive approach to security by design rather than a reactive one.
Identity & Access Management (IAM):
Design and implement an effective Identity and Access Management (IAM) framework to ensure that only authorized personnel have appropriate access to sensitive data, systems, and client information based on the principle of least privilege.
Enforce strong authentication mechanisms, including Multi-Factor Authentication (MFA), to minimize the risk of unauthorized access due to compromised credentials.
Regularly audit and review user access privileges to ensure they remain aligned with job functions and organizational policies, promptly revoking access for departing employees and those changing roles.
Security Program Management:
Develop and implement a comprehensive security program roadmap, encompassing a structured approach to securing the organization's digital infrastructure and promoting a security-first culture across all departments.
Lead and manage the security team, fostering a culture of continuous learning and professional development, equipping them with the skills to address emerging security challenges.
Effectively allocate resources, including budget and personnel, to ensure the successful execution of security initiatives and compliance with regulatory requirements.
Investigations & Forensics:
Lead and oversee investigations into security incidents and data breaches, determining the root cause, assessing the scope of the breach, and collaborating with internal and external parties as needed.
Conduct forensic analysis to recover and analyze digital evidence, identifying the attackers' methods and supporting legal proceedings or regulatory reporting as necessary.
Develop and implement corrective measures and lessons learned from security incidents to prevent future occurrences and strengthen the organization's cyber resilience.
Governance & Compliance:
Establish and maintain a robust information security governance framework that aligns with the organization's objectives, regulatory requirements (including RBI regulations for Microfinance Companies), and industry best practices.
Ensure continuous compliance with all applicable laws, regulations, and industry standards, including those related to data protection, privacy, and financial operations.
Act as the primary point of contact for regulatory bodies and internal/external auditors on all information security matters, ensuring transparency and proactive reporting.

DESIRED PROFILE:
Qualifications and Skills
Experience: 12+ years of relevant work experience with a bachelor’s degree in computer science or related field.
Should have prior experience in handling Cybersecurity Operations Management, Cyber Risk & Intelligence, Data Protection & Fraud Prevention, Security Architecture, Identity & Access Management, Digital Forensics & Incident Investigation, Governance & Compliance
Knowledge on RBI regulations related to security is important.
Cyber Security Certifications are added advantages (CISA, CISSP, CISM)

The next frontier of AI begins with Centific
Centific is a Seattle-based tech company pioneering the future of AI one breakthrough at a time. Learn how we’re transforming the world through safe and scalable AI and empowering businesses to unlock the full potential of their data.

Domain: AI Platform & Data Foundry | Sectors: Healthcare, Public Sector, Retail

Position Summary
The Chief Information Security Officer (CISO) is responsible for leading the security, privacy, and compliance strategy across a cutting-edge AI platform and data foundry product suite. This role is critical in ensuring secure AI development and deployment across regulated industries such as healthcare, public services, and retail, where data sensitivity, ethical AI use, and regulatory compliance are paramount.

Key Responsibilities
Security Strategy & Architecture
Define and execute a comprehensive security strategy aligned with business goals, product architecture, and sector-specific regulatory requirements.
Lead the design and implementation of secure-by-design principles across AI pipelines, including RAG, RLHF, HITL, and red teaming modules.
Governance & Risk Management
Establish and maintain governance frameworks for AI model lifecycle management, including auditability, explainability, and safety scoring.
Conduct regular risk assessments and threat modeling, particularly for AI-specific threats such as data poisoning and adversarial attacks.
Incident Response & Resilience
Develop and lead the enterprise-wide incident response program, including detection, containment, investigation, and recovery.
Coordinate cross-functional response to security incidents and ensure continuous improvement through post-incident reviews and simulations.
Compliance & Regulatory Alignment
Ensure compliance with global and sector-specific regulations, including HIPAA, HITECH, GDPR, CCPA, PCI-DSS, FedRAMP, and the EU AI Act.
Lead certification and audit readiness efforts (e.g., ISO 27001, SOC 2, HITRUST).
Sector-Specific Security Oversight
Healthcare: Secure PHI/PII in AI-driven diagnostics, imaging, and patient engagement systems.
Public Sector: Align with NIST 800-53 and FedRAMP for civic AI deployments and law enforcement use cases.
Retail: Protect customer data used in personalization, sentiment analysis, and recommendation engines.
Security Awareness & Culture
Champion a security-first culture through training, awareness campaigns, and executive engagement.
Develop role-based security education programs tailored to engineering, product, and business teams.
Customer & Partner Trust
Serve as the executive voice on security in customer engagements, RFPs, and co-sell partnerships.
Lead responses to customer security questionnaires and ensure transparency in data handling practices.
Operational Excellence
Build and manage a centralized Command Control Center for real-time monitoring of AI systems, infrastructure, and compliance metrics.
Continuously improve security operations through automation, analytics, and threat intelligence integration.

Qualifications
10+ years in cybersecurity leadership, with 3+ years in AI/ML or data platform environments.
Proven experience securing AI systems in healthcare, public sector, or retail domains.
Deep understanding of cloud-native architectures (AWS, Azure, GCP), DevSecOps, and infrastructure-as-code.
Strong knowledge of regulatory frameworks: HIPAA, GDPR, CCPA, NIST, FedRAMP, PCI-DSS.
Certifications such as CISSP, CISM, CCSP, or emerging AI governance credentials are preferred.

Preferred Attributes
Experience with AI-specific compliance frameworks and ethical AI principles.
Familiarity with data marketplaces, synthetic data generation, and human-in-the-loop (HITL) systems.
Ability to influence executive stakeholders and shape product security strategy in a fast-paced, innovation-driven environment.

Job Opening: Chief Information Security Officer (CISO)
Location: Thane
Employment Type: Full-Time | Senior Leadership
Department: Security & Compliance

About the Role
We’re looking for an experienced and visionary Chief Information Security Officer (CISO) to lead our company-wide information security strategy. As a key member of the senior leadership team, you’ll be responsible for protecting our systems, data, and applications while aligning security initiatives with our business goals.
This role requires a strong leader with deep technical expertise, a strategic mindset, and a passion for building secure, scalable, and compliant environments—especially within fast-paced, SaaS or technology-driven companies.

Key Responsibilities
Strategic Leadership
Define and drive the overall information security vision, strategy, and roadmap.
Provide executive-level guidance on risk management, compliance, and emerging threats.
Embed security best practices into business operations through cross-functional collaboration.
️ Risk & Security Program Management
Develop and enforce comprehensive security policies, standards, and procedures.
Lead enterprise-wide risk assessments, threat modeling, and vulnerability analysis.
Monitor and respond to security threats, alerts, and reports in real time.
Incident Response & Recovery
Lead the development and execution of incident response strategies and playbooks.
Oversee security investigations and coordinate cross-functional remediation efforts.
Act as point-of-contact for stakeholders and regulators during security events.
Compliance & Audit
Ensure compliance with frameworks and regulations like ISO 27001, GDPR, SOC 2, etc.
Support internal and external audits, and drive closure of any findings.
Maintain comprehensive documentation of security policies and incident history.
Security Awareness & Culture
Promote a culture of security through ongoing training and awareness programs.
Collaborate with department leaders to ensure security is part of everyday practices.
Technical Leadership
Oversee the implementation and management of tools like SIEM, IDS/IPS, firewalls, and encryption.
Conduct regular penetration testing and vulnerability assessments.
Stay ahead of industry trends and technologies to continually improve defenses.
Application Security Oversight
Partner with engineering teams to integrate security into the SDLC.
Lead secure code reviews, vulnerability assessments, and application threat modeling.
Define and enforce secure coding standards; train teams on AppSec best practices.

What We’re Looking For
Education & Certifications
Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or related field.
Advanced certifications preferred: CISSP, CISM, OSCP, CEH, or equivalent.

Experience
12+ years in information security, with leadership in enterprise environments.
Strong background in SaaS or technology-led companies.
Proven ability to align security programs with business strategy.

Skills & Competencies
Deep knowledge of security frameworks (NIST, ISO 27001) and compliance standards (GDPR, SOC 2).
Expertise in cloud security (AWS, GCP, or Azure).
Strong communication and leadership skills to influence at all levels.
Hands-on experience with security tools (SAST, DAST, SIEM, IDS/IPS, encryption).
Analytical and data-driven approach to problem-solving.

Why Join Us?
Influence and own the end-to-end security strategy at the highest level.
Work with a collaborative, mission-driven leadership team.
Drive innovation in a high-impact role where security is a top priority.

Profile :

• Primarily responsible for articulating and enforcing the policies that the UCB uses to

protect its information assets apart from coordinating the cyber security related issues / implementation within the Bank as well as relevant external agencies.

• Responsible for ensuring compliance to various instructions issued on information/cyber security by RBI.
• Responsible to place a separate review of cyber security arrangements/ preparedness of the Bank before the Board on a quarterly basis.
• Responsible for bringing to the notice of the Board about the vulnerabilities and cyber security risks that the Bank is exposed to.
• Manage and monitor the C-SOC and drive cyber security related projects and can have a dotted relation with Chief Information Officer (CIO) for driving such projects.
• By virtue of the role as member secretary of information security and/or related committees(s), if any, may ensure, inter alia, current/emerging cyber threats to banking (including payment systems) sector and the Banks preparedness in these aspects
• Responsible for sustenance of the compliances achieved on year on year basis.

Experience :

• IT related work experience of minimum 15 years, of which at least 10 years of experience in Information Security in Financial Institutions.

Qualification :

• Bachelor/Master Degree in Engineering in any one of the following disciplines:

a) Computer Science

b) Information Technology

c) Electronics and Communication

d) Cyber Security

• Master of Computer Applications (MCA)
• Master in Business Administration (MBA) - Systems / IT

(Higher qualifications will be given preference)

Professional Qualification :

The candidate should possess any one of the following certificates:

a) Certified Information Systems Security Professional (CISSP)

b) Certified Information Security Manager (CISM)

c) Certified Chief Information Security Officer (CCISO)

d) Certified Information Systems Auditor (CISA)

Skills :

• Exposure to Core Banking Solution, Digital Banking, Networking and IT Infrastructure solutions.
• Knowledge of IT governance & compliances.
• Requisite technical background and expertise.