Director : Information Security

Location : Bengaluru

- This job requires you to be an IC as well as a leader who will be involved in all infosec aspects both for our banking clients and internal.

- Your role would involve and not limited to the following Implement, manage, and maintain information security related compliances such as ISO 27001, GDPR, SOC 2 & 3, PCIDSS, etc.

- Conduct periodic risk assessments and internal audits Maintain compliance related documents across all scoped functions; Provide continuous support to the teams in their compliance journey

- Perform ongoing refactoring of implemented controls Lead compliance audits and close of non-conformances and suggestions Liaise closely with the IT and Engineering team to implement best in class information/data security/privacy controls Identify opportunities to adopt innovative technologies and best practices

- Be the information security SPOC for our external banking clients for cyber security related queries and closure.

- You should be able to prepare detailed data flow diagrams and documents for both clients and internal Face ISO27001, PCIDSS audits conducted third parties and banks

- Build a team of security officers to dedicatedly work for each of our banking clients for maintaining compliance and supporting banks queries.

What you will need 12+ years of experience in implementation and maintenance of information security related compliances

- Excellent understanding of IT and SDLC processes Excellent communication skills; Should be able to communicate complex and dry IT topics in a fun way Very good understanding of cloud architecture/technologies like kubernetes, docker, infrastructure as a code etc is a plus Theoretical understanding of cloud platforms like AWS and GCP is a must.

- You should be able to communicate efficiently with devops teams Exposure to ISO 27001 and PCI DSS is a must Should be proficient conducting internal audits Understanding of security engineering ( VAPT, devsecops etc ) and tools ( like Palo alto ) is required.

- Should be able to liase with security engineering teams, vendors ,incident response teams for smooth implementation of compliances.

This job opening was posted long time back. It may not be active. Nor was it removed by the recruiter. Please use your discretion.