AVP SOC & Cyber Security Awareness - NBFC Co - Vikhroli

Job Description

The details of the position are:Company: Leading NBFC company.Designation: Assistant Vice President SOC & Cyber Security AwarenessRole: SOC & Cyber Security AwarenessReporting: VP - : SOC & Cyber Security AwarenessLocation:Mumbai.Work Days: 5.Purpose of the Job:The Assistant Vice President (AVP) SOC & Cybersecurity Awareness will play a pivotal role in strengthening the organisations cybersecurity posture. This position involves overseeing Security Operations Centre activities, driving continuous improvement in threat detection and incident response, and leading strategic initiatives to Enhance cybersecurity awareness across the enterprise. The AVP will collaborate with cross-functional teams to ensure SOC operations align with regulatory standards.audit requirements, and industry best practices. Additionally, the role includes designing and executing awareness programs that foster a security-first culture among employees, stakeholders, and partnersRole & Responsibilities - 1. Strategic Program Development & Execution:Design and implement a comprehensive cybersecurity awareness and behaviour change program tailored to various internal audiences (executives, employees, contractors, vendors). Develop, document, and implement Standard Operating Procedures (SOPs) for SOC operations while continuously refining processes to enhance efficiency and effectiveness. Develop an annual awareness calendar including campaigns, phishing simulations, newsletters, security champions initiatives, and gamified learning. Align awareness efforts with global security frameworks (e.g., NIST, ISO 27001, CIS), regulatory requirements (e.g., RBI, DPDP), and organisational security strategy.2. Content Creation and Communication:Create engaging, informative, and easily digestible security-related content (emailers, videos, infographics, playbooks, e-learnings). Localise content for cultural and regional relevance across geographies.3. Training: o Develop role-based security training (for developers, IT staff, risk teams, etc.). o Monitor training completion rates and effectiveness using data analytics.4. Phishing Simulations & Metrics:Design and manage regular simulated phishing campaigns across business units. o Analyse and report campaign results, identify risky user groups, and implement targeted follow-ups or remediation training.5. Regulatory Compliance:o Ensure SOC operations remain compliant with evolving regulatory frameworks by staying informed of changes and proactively updating internal controls, policies, and procedures to reflect new requirements6. Audit Management:o Lead and oversee security audits by ensuring SOC processes align with audit standards and effectively communicate findings and remediation strategies to stakeholders.7. Stakeholder Engagement & Culture Building:o Partner with business units, risk teams, HR, compliance, and IT to embed cyber risk awareness into business-as-usual processes.o Build and manage a network of security champions or ambassadors.o Present updates to senior management, audit committees, and regulators as needed.Qualifications:Bachelors degree in information technology, Cybersecurity, Communications, or a related field. Certifications preferred: CISM, CISA, CompTIA Security, or similar.Experience:10 years of professional experience, with at least 5 years in cybersecurity awareness or training roles. Experience in BFSI (Banking, Financial Services & Insurance) domain strongly preferred. Familiarity with risk frameworks, regulatory environments, and cybersecurity tools.Skills & Competencieso Cybersecurity knowledge: Understanding of core security principles, threat vectors, and controls.o Communication expertise: Excellent verbal and written communication with a knack for simplifying complex topics.Campaign execution: Experience planning and running large-scale campaigns, events, or training rollouts. Analytical mindset: Ability to analyse data from phishing campaigns or learning platforms to improve programs. Stakeholder management: effectively communicating across all organizational levels to ensure timely outcomes. Creativity & innovation: Brings fresh ideas to improve engagement and reach.For any further queries, write us at hidden_email

Keyskills :
securityawarenesscybersecurity awarenesscyber security