Cyber Security SME

Luxoft -
Bengaluru, Karnataka

Apply Now

Job details

1 day ago

Qualifications

CI/CD
Azure
Encryption
CISSP
English
CCSP
CISM
RBAC
Firewall
AWS
NIST standards
IDS
Continuous integration
Splunk
Sailpoint
APIs
ISO 27001
Cybersecurity
AI
CyberArk
Communication skills
Banking
Identity & access management
SDLC
VPN

Full job description

Project description

We are seeking a Cyber Security SME to lead the design, implementation, and governance of security controls across the bank's technology landscape. The role will ensure robust protection of platforms, networks, cloud environments, client data, and critical banking infrastructure while maintaining compliance with global regulatory requirements.

Responsibilities

Security Strategy & Architecture

Define and implement enterprise-wide cyber security strategy aligned to the bank's business and technology landscape

Design and govern secure architectures across:

Network infrastructure (on-prem and hybrid connectivity)

Cloud platforms (Azure, AWS, GCP)

Identity and access management ecosystems

Core banking, trading, and payment systems

Embed security-by-design and zero trust principles across all layers

Core Security Domains Ownership

Lead and provide SME oversight across key cyber domains:

Network Security (firewalls, IDS/IPS, segmentation, secure connectivity, DDoS protection)

Cloud Security (secure configuration, CSPM, workload protection, cloud-native controls)

Identity & Access Management (IAM/PAM) (RBAC, MFA, privileged access, identity governance)

Endpoint & Infrastructure Security (EDR/XDR, device hardening, patching)

Application Security (secure SDLC, DevSecOps, API security, code scanning)

Data Security (encryption, tokenisation, DLP, data classification)

Threat & Risk Management

Lead threat modelling and risk assessments across critical banking systems and infrastructure

Define mitigation strategies aligned to frameworks (NIST, ISO 27001, CIS)

Oversee vulnerability management, penetration testing, and security assurance activities

Security Operations & Incident Response

Provide oversight on SOC, SIEM, SOAR, and threat detection capabilities

Enhance monitoring through AI-driven anomaly detection and behavioural analytics

Define and lead incident response strategies for cyber events (ransomware, breaches, insider threats, DDoS)

Regulatory & Compliance

Ensure compliance with relevant regulations and standards:

DORA (Digital Operational Resilience Act)

PRA / FCA cyber resilience requirements

GDPR and data protection regulations

SWIFT Customer Security Programme (CSP)

Support audits, regulatory reviews, and cyber resilience testing

Third-Party & Supply Chain Security

Assess and manage cyber risk across vendors, fintech partners, and infrastructure providers

Define third-party security standards, onboarding controls, and continuous monitoring

Stakeholder Management & Advisory

Act as trusted advisor to CIO, CISO, Risk, and business stakeholders

Translate technical cyber risks into business and operational impact

Support RFPs, client engagements, and strategic cyber transformation initiatives

Skills

Must have

Work Experience:

Essential:

At least 5 years of relevant experience in cyber security within banking / financial services

Proven expertise across network, cloud, IAM, application, and data security domains

Hands-on knowledge of security frameworks (NIST, ISO 27001, CIS Controls)

Technical Capabilities

Network Security: Firewalls (e.g., Palo Alto, Fortinet), IDS/IPS, VPNs, segmentation

Cloud Security: Azure/AWS/GCP security services, CSPM, IAM integration, container security

IAM/PAM: Okta, Azure AD, CyberArk, SailPoint or similar

Security Operations: SIEM (Splunk, Sentinel), SOAR, threat intelligence platforms

Endpoint Security: EDR/XDR solutions (e.g., CrowdStrike, Defender)

DevSecOps: CI/CD security integration, SAST/DAST tools

Data Protection: Encryption standards, key management, DLP

Regulatory Knowledge

Strong understanding of cyber resilience expectations within banking

Experience supporting audits, regulatory submissions, and control frameworks

Soft Skills

Strong stakeholder engagement and executive communication skills

Ability to operate at both strategic (CISO-level) and hands-on technical levels

Experience working across global, distributed teams

Nice to have

Certifications: CISSP, CISM, CISA, CCSP, Azure/AWS Security certifications

Experience with Zero Trust Architecture and cloud transformation programmes

Exposure to AI-driven cyber security and automation

Other

Languages

English: C1 Advanced

Seniority

Senior

Bengaluru, India

Req. VR-122313

Other Consulting

BCM Industry

02/06/2026

Req. VR-122313

Apply Now

Project description

Responsibilities

Skills

Other

Jobseeker tools

Employer Tools

Browse

Stay Connected