What is the eligibility criteria to apply for IT and Cybersecurity Risk Metrics and Compliance Manager in Apex Group in Pune?

The candidate should have completed the required education and people who have 10 to 15 years are eligible to apply for this job. You can apply for more jobs in Pune to get hired quickly.

Is there any specific skill required for this job?

The candidate should have sound communication skills and sound communication skills for this job.

Who can apply for this job?

Both Male and Female candidates can apply for this job.

Is it a work from home job?

No, it's not a work from home job and can't be done online. You can explore and apply for other work from home jobs in Pune at apna.

Are there any charges or deposits required while applying for the role or while joining?

No work-related deposit needs to be made during your employment with the company.

How can I apply for this job?

Go to the apna app and apply for this job. Click on the apply button and call HR directly to schedule your interview.

What is the last date to apply?

The last date to apply for this job is . For more details, download apna app and find Full Time jobs in Pune . Through apna, you can find jobs in 64 cities across India. Join NOW!

IT and Cybersecurity Risk Metrics and Compliance Manager

Apex Group

IT and Cybersecurity Risk Metrics and Compliance Manager

Apex Group

Pune

Not disclosed

Work from Office

Full Time

Min. 10 years

Job Description

IT & Cyber_Technical_Risk_Metrics_Specialist_Compliance_Manager

The Apex Group was established in Bermuda in 2003 and is now one of the world’s largest fund administration and middle office solutions providers.

Our business is unique in its ability to reach globally, service locally and provide cross-jurisdictional services. With our clients at the heart of everything we do, our hard-working team has successfully delivered on an unprecedented growth and transformation journey, and we are now represented by over circa 13,000 employees across 112 offices worldwide.Your career with us should reflect your energy and passion.

That’s why, at Apex Group, we will do more than simply ‘empower’ you. We will work to supercharge your unique skills and experience.

Take the lead and we’ll give you the support you need to be at the top of your game. And we offer you the freedom to be a positive disrupter and turn big ideas into bold, industry-changing realities.

For our business, for clients, and for you

Role Overview:

This role governs, monitors, and continuously improves IT & Cyber risk metrics so they are
fit for purpose, aligned with Cyber Strategy, and meet expectations set by the Group CISO.
Operating within Banking, Finance, and Hedge Fund environments, the role ensures metrics
reflect financial risk exposure, operational resilience, and compliance with global regulatory
frameworks. The role leads the annual Risk & Control Self-Assessment (RCSA) and provides
strategic inputs to the Technology Risk Forum.

Key Responsibilities:

• Metrics Governance & Cyber Strategy Alignment: Define, review, and maintain IT &
Cyber KRIs/KPIs in line with Cyber Strategy and Group CISO directives; map to risk
appetite thresholds and business services.
• Continuous Improvement & Remediation: Monitor failing metrics; lead root cause
analysis and remediation plans. Implement a Metric Rewrite Protocol for metrics that
consistently fail or are misaligned.
• RCSA Execution: Lead annual RCSA across technology domains; ensure residual risk
remains within appetite and align methodology with Group CISO expectations.
• Strategic Reporting & Governance: Provide decision-ready inputs to the Technology
Risk Forum: posture, trends, material events, remediation, and asks.
• Compliance & Regulatory Alignment (Global): Maintain cross-framework control
mapping and evidence across ISO/IEC 27001:2022, NIST CSF 2.0, COBIT, ISO 31000;
and regulations/obligations including SOX 404, GDPR, DORA (EU), PCI DSS v4.0, and
applicable regional rules (e.g., FFIEC/US, UK PRA/FCA, MAS TRM, HKMA, APRA CPS
234).
• Stakeholder Engagement: Liaise with Application, Infrastructure, Service Owners, SOC,
IT Ops, Risk, Compliance, and external auditors/regulators. Influence remediation and
strategic risk initiatives.
• Automation & Reporting: Partner with BI/GRC teams to deliver automated dashboards
and single source of truth for metric definitions, thresholds, owners, and evidence.
• Execute delegated tasks as deemed appropriate by the Group CISO and other
empowered Group Cyber leadership authorities, ensuring timely and effective
completion in alignment with organizational priorities.
• Support the Group Cyber Strategy end-to-end, driving alignment of all activities,
decisions, and deliverables with strategic objectives and business outcomes.

Candidate Profile:

Experience:
• 10–15+ years in IT/Cyber Risk, GRC, or Technical Assurance within financial services.
• Hands-on designing/operating KRIs/KPIs and turning failing metrics green.
• Led RCSA and audit/regulator engagements across multiple regions.
Skills:
• Technical: vulnerability and patch governance, IAM/PAM, cloud security, incident
response, DR/BC, change risk.
• Risk & Compliance: appetite, control frameworks (ISO 27001, NIST CSF, COBIT, ISO
31000), SOX 404, DORA, GDPR, PCI DSS.
• Tooling: GRC platforms (ServiceNow/Archer), dashboards (Power BI/Tableau), CMDB,
ticketing (ServiceNow/Jira).
• Soft Skills: communication, articulation, presentation, stakeholder influence, executive
narratives.

Preferred Certifications:
• - CISM / CRISC
• - ISO 27001 Lead Auditor
• - ITIL
• - Cloud security certs (AWS/Azure/GCP

Disclaimer: Unsolicited CVs sent to Apex (Talent Acquisition Team or Hiring Managers) by recruitment agencies will not be accepted for this position. Apex operates a direct sourcing model and where agency assistance is required, the Talent Acquisition team will engage directly with our exclusive recruitment partners.