Specialist, Regulatory And Cybersecurity Audit, Technology And Operations

Business Function

Group Technology and Operations (T&O) enables and empowers the bank with an efficient, nimble and resilient infrastructure through a strategic focus on productivity, quality & control, technology, people capability and innovation. In Group T&O, we manage the majority of the Banks operational processes and inspire to delight our business partners through our multiple banking delivery channels

Job Summary:

The Cybersecurity Regulatory and Compliance officer is responsible for ensuring the organizations cybersecurity practices comply with applicable laws, regulations, frameworks, data privacyand internal policies. This role bridges the gap between cybersecurity operations and legal/regulatory obligations, ensuring the organization maintains a robust, compliant security posture in a rapidly evolving threat and regulatory landscape.

The position acts as a key liaison with RBI, CERT-In, auditors, and internal stakeholders, ensuring governance and regulatory adherence to cyber security function.

Key Responsibilities:

• Monitor RBI Master Directions, circulars, advisories, and guidelines cybersecurity regulations, DPDP Act and frameworks (e.g., NIST, ISO 27001, DPDP, PCI-DSS, CIS controls) relevant to the Banks operations and industry.
• Lead and translate regulatory cybersecurity and data privacy requirements into actionable internal controls and risk mitigation strategies.
• 
  Integrate Privacy by Design principles into technology, processes, and compliance frameworks.
• Collaborate with IT, security, audit, and business teams for closure of all the cyber security audit issues (Internal, external, Regulatory).
• Support preparation and response for internal audits, external audits, cyber security assessments, (e.g., ISO 27001, PCI-DSS, DPDP Compliances) and regulatory submission.
• Provide timely updates on regulatory and privacy changes to stakeholders in collaboration with the CISO team
• Prepare and submit cybersecurity-related regulatory filings, documentation, and reports.
• Deliver internal training and awareness on cybersecurity compliance requirements and secure practices.

Qualifications:

• Bachelors degree in Cybersecurity, Information Technology, or a related field (masters preferred).
• 10 - 12 years of experience in cybersecurity, regulatory compliance, risk management, or related field.
• Strong understanding of regulations and compliance (e.g., RBI Cybersecurity Framework, Data Privacy, SEBI CSCRF, NIST CSF, ISO/IEC 27001, PCI-DSS, etc.).

  Looking to get Placed? Try our Placement Guarantee Plan

  Get Hired
• Relevant certifications preferred:
• Compliance-focused: Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC), Certified Information Privacy Professional (CIPP).
• Cybersecurity-focused: Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM).
• Experience supporting security and compliance audits and working with regulatory bodies or external assessors.
• Strong analytical, organizational, and communication skills.

Preferred Experience:

• Hands-on experience working in regulated industries (e.g., NBFC and Bank ).
• Experience in third-party/vendor compliance with data privacy and regulatory advisories.