All jobs

IN_Director_CISO & DPO_IT Security_IFS_Bangalore

Pwc16h ago
Bengaluru Brigade MagnumOnsiteFull-timeSenior Level20+ yrs exp

Top focus

CisoPrivacy Officer

Line of Service Internal Firm Services Industry/Sector Not Applicable Specialism Operations Management Level Specialist Job Description & Summary At PwC, our people in business application consulting specialise in consulting services for a variety of business applications, helping clients optimise operational efficiency.

These individuals analyse client needs, implement software solutions, and provide training and support for seamless integration and utilisation of business applications, enabling clients to achieve their strategic objectives. As a business application consulting generalist at PwC, you will provide consulting services for a wide range of business applications.

You will leverage a broad understanding of various software solutions to assist clients in optimising operational efficiency through analysis, implementation, training, and support. Job Description & Summary : The CISO & DPO is a senior leadership role (Senior Director level) accountable for leading the organization’s cyber security strategy, information security governance, and data protection operations.

The role is split equally (50/50) between cyber security leadership and privacy governance. The incumbent will own the CISO office agenda, strengthen enterprise security posture, drive NIS and information security control implementation, and ensure alignment with the DPDP Act.

This position requires a strategic leader capable of influencing executive stakeholders and managing cross-functional teams across technology, business, legal, and risk departments

Responsibilities

  • Define and lead cyber security strategy, operating models, and governance routines.
  • Drive continuous improvement across security and privacy processes, playbooks, and SOPs.
  • Oversee incident response, vulnerability management, DLP, security exceptions, and remediation tracking.
  • Lead DPDP Act 2023 compliance, privacy risk assessments (DPIA/DPRA), data principal rights governance, and privacy incident coordination.
  • Mentor and develop multi-disciplinary teams.
  • Manage cross-functional working groups involving IT, Legal, Risk, and business units.
  • Sponsor and oversee compliance programs (ISO 27001, ISO 22301, SOC 2) and ensure security/privacy-by-design in new projects and technology rollouts.
  • Provide executive-level reporting on cyber risk, incident trends, regulatory readiness, and remediation status.
  • Mandatory skill sets : Ability to set enterprise cyber security strategy and operating models, and measure outcomes.
  • Expertise in coordinating assessments, evidence packs, and remediation plans for security and privacy controls.
  • Capability to oversee incident triage, escalation, and root-cause tracking.
  • Deep understanding of DPDP compliance, data rights, and privacy-by-design integration.
  • Proven leadership ability to influence executive stakeholders and build cross-functional alignment.
  • Ability to advise project/product teams on NIS controls and go-live readiness.
  • Preferred skill sets : Hands-on experience with ISO 27001, ISO 22301, SOC 2, and CIS controls frameworks.
  • Experience in business continuity planning (BCP), crisis management, and third-party/product security.
  • Strong executive communication skills and experience engaging with external assurance/regulatory interfaces.
  • Years of experience required : 20–25 years of overall experience in information security, cyber risk, technology risk, security governance, IT risk management, privacy governance, or regulatory compliance.
  • Education qualification : Bachelor's degree in Engineering , Computer Science, Information Systems, Cyber Security, Risk Management, or related discipline (essential).
  • Postgraduate qualification (desirable).
  • Preferred certifications include CISSP, CISM, CISA, CRISC, ISO 27001 Lead Implementer/Lead Auditor, ISO 22301, CCSP, or CIPM.
  • Executive leadership, crisis management, and program governance training are desirable.
  • Top of Form Bottom of Form Education (if blank, degree and/or field of study not specified) Degrees/Field of Study required: Degrees/Field of Study preferred: Certifications (if blank, certifications not specified) Required Skills Optional Skills Accepting Feedback, Accepting Feedback, Active Listening, Analytical Reasoning, Application Software, Business Data Analytics, Business Management, Business Technology, Business Transformation, Communication, Documentation Development, Emotional Regulation, Empathy, Implementation Research, Implementation Support, Implementing Technology, Inclusion, Intellectual Curiosity, Optimism, Performance Assessment, Performance Management Software, Problem Solving, Product Management, Product Operations, Project Delivery {+ 11 more} Desired Languages (If blank, desired languages not specified) Travel Requirements Not Specified Available for Work Visa Sponsorship?
  • No Government Clearance Required?
  • No Job Posting End Date July 30, 2026

Required skills

cyber securityinformation securitydata protectionISO 27001ISO 22301SOC 2CIS controlsbusiness continuity planningcrisis managementprivacy governanceregulatory compliance
Posted on JobRush — the end-to-end AI job-search platform.