Lead - Information Security Management - Banking/FinTech/NBFC

About the Role

As the Lead - Infosec Management, you will be responsible for fortifying our cybersecurity posture and ensuring our digital payment ecosystem remains resilient against evolving threats. You will oversee the strategic implementation of security frameworks, lead incident response efforts, and ensure rigorous compliance with financial regulations.

Key Responsibilities

1) Security Governance: Develop, implement, and maintain comprehensive information security policies and procedures in alignment with RBI guidelines, NPCI standards, and PCI-DSS.

2) Risk Management: Conduct regular VAPT (Vulnerability Assessment and Penetration Testing), risk assessments, and third-party security audits to identify and mitigate potential vulnerabilities.

3) Compliance & Audits: Lead internal and external security audits. Ensure the organization meets all statutory and regulatory requirements specific to the fintech and banking sectors.

4) Incident Response: Manage the security operations center (SOC) activities, spearheading incident detection, investigation, and remediation protocols.

5) Identity & Access Management: Oversee IAM frameworks to ensure secure access across all enterprise platforms and payment gateways.

6) Stakeholder Management: Collaborate with engineering, product, and legal teams to integrate security-by-design principles into the product development lifecycle.

Required Qualifications & Skills

1) Experience: 8 to 12 years of core experience in Information Security (Candidates exceeding 14 years will not be considered).

2) Industry Background: Mandatory experience within Fintech, Banking, or NBFCs. A deep understanding of the Indian payment landscape is highly preferred.

3) Technical Proficiency: Hands-on experience with Firewalls, IDS/IPS, SIEM tools, Data Leakage Prevention (DLP), and Cloud Security (AWS/Azure).

4) Certifications: Preference for candidates holding CISA, CISM, CISSP, or CEH certifications.

5) Regulatory Knowledge: Strong command over ISO 27001, PCI-DSS, and RBI Cybersecurity Frameworks.

Soft Skills:

1) Exceptional leadership and team management capabilities.

2) Strong analytical thinking and problem-solving skills under high-pressure scenarios.

3) Clear communication skills to translate complex technical risks into business impact for senior leadership.

Note to Candidates: This is a Mumbai-based role following a 5-day work week. If you have a proven track record of securing high-volume financial transaction systems, we would like to hear from you.