Cyber & Technical Risk Assessment Officer

8 - 10 years

0 Lacs

Posted: 1 day ago | Platform: LinkedIn

Work Mode

On-site

Job Type

Full Time

Job Description

Role Overview:


The Cyber & Technical Risk Assessment Officer will be responsible for identifying, analysing, and mitigating cyber and technical risks associated with banking systems, infrastructure, and digital assets. This role will ensure that the bank complies with regulatory requirements (such as RBI, SEBI, ISO, and NIST) and internal risk frameworks, and maintains a strong security posture.


Required Qualifications & Skills:

Certifications (Preferred):

  • CRISC, CISA, CISSP, ISO 27001 LA, CEH, or similar.

Experience:

  • 8-10 years of relevant experience in the Information Security domain (minimum 3 years in cyber/IT risk assessment, preferably in BFSI).
  • Familiarity with GRC tools (RSA Archer, ServiceNow GRC, etc.).


Key Responsibilities:


1. Cyber & IT Risk Assessments:

  • Conduct end-to-end cyber risk assessments for critical IT systems, applications, and infrastructure.
  • Evaluate technology solutions and vendors for inherent risks.
  • Perform periodic threat modelling and vulnerability assessments.
  • Maintain risk registers and report on identified risks with remediation plans.


2. Control Reviews & Compliance:

  • Assess and ensure compliance with applicable regulatory guidelines such as:
      • RBI’s Cybersecurity Framework for Banks
      • SEBI’s CSCRF (for REs, if applicable)
      • ISO 27001, NIST CSF, PCI-DSS
  • Validate implementation of security controls across endpoints, network, cloud, and application layers.


3. Governance and Reporting:

  • Prepare cyber risk dashboards and submit periodic reports to senior management, CRO, and Board committees.
  • Track and follow up on mitigation of identified risks.
  • Coordinate with auditors (internal/external) during cyber/IT audits.


4. Third-party & Cloud Risk Management:

  • Conduct third-party risk assessments for outsourced vendors and cloud service providers.
  • Ensure that Service Level Agreements (SLAs) and contracts cover cyber risk clauses and responsibilities.


5. Incident Risk Evaluation:

  • Participate in root cause analysis for cyber incidents.
  • Assess risk impact of incidents and define compensating controls.


6. Policy and Process Development:

  • Assist in drafting or updating Information Security and Risk Management policies.
  • Ensure adherence to secure SDLC and DevSecOps practices.



Technical Skills:

  • Understanding of firewalls, IDS/IPS, DLP, SIEM, EDR, and IAM tools.
  • Knowledge of cybersecurity standards and frameworks (e.g., NIST, MITRE ATT&CK).
  • Ability to interpret vulnerability scan results and threat intelligence reports.

Soft Skills:

  • Strong analytical and documentation skills.
  • Communication and stakeholder management.
  • Ability to work independently and handle multiple priorities.


Desirable:

  • Hands-on experience with risk scoring methodologies.
  • Exposure to cloud platforms (AWS, Azure) and their risk models.
  • Experience in cybersecurity exercises, RCSA, and BIA for IT systems.
