Senior Information Security Officer

General Information

Close date:

Thursday, 31 July 2025

Working pattern:

Full time

Contract Type:

Permanent

Location:

Gurgaon (SEZ1)

Department:

13 - 13 Security

Description & Requirements:

Bravura’s Commitment and Mission
At Bravura Solutions, collaboration, diversity and excellence matter. We value your ideas, giving you room to be curious and innovate in an exciting, fast-paced, and flexible environment. We look for many different skills and abilities, as well as how you can add value to Bravura and our culture.
As a Global FinTech market leader and ASX listed company, Bravura is a trusted partner to over 350 leading financial services clients, delivering wealth management technology and products. We invest significantly in our technology hubs and innovation labs, which inspire and drive our creative, future-focused mindset. We take pride in developing cutting-edge, digital first technology solutions that support our clients to achieve financial security and prosperity for their customers.
Position Overview
The Senior Information Security Officer is responsible for supporting the implementation and operation of the organisation's Information Security Management System (ISMS) within their region. This role will drive security risk management, policy compliance, audits (internal, external and client), training and awareness, supply chain risk, and support security operations in incident management. As a Managed Service Provider (MSP) and data processor for clients, the ISO will ensure that security controls align with client contractual obligations, regulatory requirements, and industry best practices. The ISO will work closely with global security leadership, regional stakeholders and clients to address both internal and client-specific security challenges.

The position is within the Information Security team. Main activities will include but are not limited to:
Responsibility Internal Audit & Assurance:

• Oversee the implementation and operations of the ISMS within the region.
• Ensure and support alignment with global security policies and regulatory requirements including ISO27001, SOC2 type II and PCI-DSS.
• Continuously assess and improve security controls and processes.

Information Security Risk Management

•  Identify, assess, and mitigate security risks.
•  Maintain the risk register and track remediation activities.
•  Provide risk-based guidance to business units, IT teams, and client-facing operations.

Information Security Policy & Standards

• Ensure compliance with corporate security policies, frameworks, and client-specific security mandates.
• Develop and enforce security standards and client requirements.
• Input into periodic reviews and updates to security policies to align with evolving requirements.

Information Security Audit & Compliance

•  Lead and support internal and external security audits, ensuring timely remediation of findings.
• Provide security assurance to clients by responding to security questionnaires and participating in client audits.
• Coordinate with service delivery teams to meet client-specific obligations.
• Monitor and report on security posture, client security commitments, and compliance status.
• Information Security Training & Awareness
• Develop, support deliver security awareness programs 
• Support phishing exercises and other training initiatives to enhance security culture.
• Collaborate with HR and other departments to ensure security education is embedded in employee onboarding and ongoing training.

Supply Chain Risk Management

• Assess and manage security risks associated with third-party vendors and suppliers.
• Ensure that security requirements are included in vendor contracts and SLAs.
• Perform regular security assessments of critical suppliers, considering the impact on client services.

Security Operations & Incident Management Support

•  Assist in managing and responding to security incidents within the region, to ensure rapid containment and remediation.
• Work with the Security Operations team to protect both internal and client environments.
• Support post-incident reviews and contribute to continuous improvement in incident handling, including lessons learned for client operations.

In addition to the above position-specific responsibilities, all employees are required to undertake any other reasonable duties and responsibilities within your capability and skills, when requested to do so.
Qualifications and Experience 

• Bachelor’s degree in Information Security, Computer Science, or related field (or equivalent experience).
• 5+ years of experience in an information security role, preferably with regional oversight in an MSP or data processing environment.
• Strong understanding of ISO27001, NIST, GDPR, and other security and data protection frameworks.
• Experience in security risk management, audits, compliance, and client security assurance.
• Knowledge of security operations, incident response, and managed security services.
• Familiarity with supply chain security and third-party risk management.
• Excellent communication and stakeholder management skills, with experience working with clients on security matters.
• Security certifications such as CISSP, CISM, or CRISC are preferred.

Working at Bravura
Our people are the heart of our business. We work hard to provide a rich employee experience and a robust framework for ongoing career development.

• Competitive salary and employee benefits scheme
• 2 paid volunteering days and a range of community-based initiatives to get involved in
• Parental (including secondary) leave policy
• Free meals and transport

So, what’s next?
We make hiring decisions based on your experience, skills and passion so even if you don’t match every listed skill or tick all the boxes, we’d still love to hear from you.
Please note that interviews are primarily conducted virtually and if you require any reasonable adjustments or would like to note which pronouns you use, please let us know.
All final applicants for this position will be asked to consent to a criminal record and background check. Please note that people with criminal records are not automatically barred from applying for this position. Each application will be considered on its merits. Youtube Video