How much salary can I expect as a Assistant General Manager - IT Risk and Cybersecurity in Muthoot Fincorp Limited in Thiruvananthapuram?

You can expect a minimum salary of 0 INR. The salary offered will depend on your skills, experience and performance in the interview.

Is there any specific skill required for this job?

The candidate should have sound communication skills and sound communication skills for this job.

Who can apply for this job?

Both Male and Female candidates can apply for this job.

Is it a work from home job?

No, it's not a work from home job and can't be done online. You can explore and apply for other work from home jobs in Thiruvananthapuram at apna.

Are there any charges or deposits required while applying for the role or while joining?

No work-related deposit needs to be made during your employment with the company.

How can I apply for this job?

Go to the apna app and apply for this job. Click on the apply button and call HR directly to schedule your interview.

What is the last date to apply?

The last date to apply for this job is . For more details, download apna app and find Full Time jobs in Thiruvananthapuram . Through apna, you can find jobs in 64 cities across India. Join NOW!

Assistant General Manager - IT Risk and Cybersecurity

Muthoot Fincorp Limited

Assistant General Manager - IT Risk and Cybersecurity

Muthoot Fincorp Limited

Thiruvananthapuram

Not disclosed

Work from Office

Full Time

Min. 10 years

Job Description

Assistant General Manager - IT Risk

ROLE SUMMARY

The IT Risk role is fully accountable for managing and overseeing all IT and Cyber-related risks across the organization and its third-party ecosystem. The role ensures robust governance, regulatory compliance, and effective risk mitigation through structured risk assessment, Third-Party Risk Management (TPRM), KRIs monitoring, and information security advisory

KEY RESPONSIBILITIES

IT & Cyber Risk Oversight	· Own and manage the enterprise IT & Cyber Risk Framework. · Identify, assess, monitor, and report IT and cyber risks across business units. · Ensure risk treatment plans are developed, tracked, and closed within defined timelines. · Present risk posture and emerging threats to senior management and risk committees
Third-Party Risk Management (TPRM)	· Maintain and continuously enhance the TPRM framework. · Conduct IT & cyber due diligence for new and existing third parties. · Perform risk assessments, gap analysis, and remediation follow-ups. · Ensure timely closure of identified issues. · Evaluate vendor security controls and compliance posture
Key Risk Indicators (KRIs) Management	Define, monitor, and report KRIs for: Internal IT & Cyber risk landscape & Third-party risk exposure Escalate threshold breaches and drive corrective actions. Provide dashboards and periodic reporting to management and regulators.
TECHNICAL ROADMAP	Plan and implement the technical roadmap, tools and technologies in line with the company’s vision. Evaluate and recommend tools, frameworks and technologies to enhance system performances.
Regulatory & Compliance Assurance	Ensure compliance with all regulatory requirements related to: Third-Party/Vendor Risk Information Security Controls Cybersecurity governance Coordinate regulatory audits and examinations. Track and close audit findings within agreed timelines.
Information Security Control Assessment & Advisory	Conduct Information Security Control Assessments. Provide advisory support to business and IT teams on risk mitigation strategies. Ensure alignment with internal policies and regulatory standards.
Security Awareness & Training	Develop and deliver Information Security Awareness programs. Promote risk culture and cybersecurity awareness across the organization. Track training completion and effectiveness metrics.

KEY CHALLENGES

Balancing Risk & Business Agility
Third-Party Risk Visibility & Control
Timely Remediation & Issue Closure

SCOPE

Enterprise-wide IT & cyber risk oversight.
Accountability for risk exposure across internal operations and third-party network.
Direct engagement with senior management, regulators, auditors, and vendors.
High impact on regulatory standing, operational resilience, and reputational risk.

KEY INTERACTIONS

Internal Stakeholders

External Stakeholders

Chief Information Security Officer (CISO)

Procurement & Vendor Management

Internal Audit

Compliance & Legal

Third-Party Service Providers

EDUCATION / EXPERIENCE

B. Tech / B.E (CSE/EC/IT)
10+ years of Experience in IT Risk, Cyber Risk, or Information Security
Certification: ISO 27001 with CISA / CISM / CRISC
Strong experience in Third-Party Risk Management (TPRM).
Experience managing regulatory compliance in a regulated industry (e.g., Financial Services preferred).
Proven experience in risk assessment methodologies and control evaluation.
Exposure to audit and regulatory interactions.