Chief Information Security Officer

Job Title: Chief Information Security Officer (CISO) Job Level: Senior Level Report to: Chief Technology Officer Department: Technology Organization: Airpay Payment Services Pvt. Ltd (https://www.airpay.co.in/) Location: Mumbai Job Summary The Chief Information Security Officer (CISO) is a senior executive role responsible for establishing and maintaining the enterprise's vision, strategy, and program to ensure information assets and technologies are adequately protected. The CISO will oversee and direct information and Cybersecurity operations, ensuring the implementation of effective security measures, compliance with relevant regulations, and continuous improvement in response to evolving security threats. This role requires collaboration with various teams across the organization to integrate security practices into all aspects of business operations. Key Responsibilities Strategic Direction & Policy Framework: Define, develop, and maintain a business-aligned Information and Cybersecurity strategy. Establish and embed an Information Security Policy Framework that complies with industry standards and legislative requirements. Advise the senior leadership team on the integration of security practices into organizational processes. Leadership & People Management Develop and lead a high-performance Information Security team, attracting and retaining key talent. Foster a culture of innovation and continuous improvement within the Information Security unit. Establish clear and measurable strategic plans, budgets, and targets for the Information Security team. Risk Management & Security Operations Provide leadership and oversight of effective information and Cybersecurity risk management. Ensure the management of security risks related to suppliers and delivery partners. Develop and maintain an Information Security Management System (ISMS) with processes for continual improvement. Compliance & Incident Management Ensure compliance with relevant laws and regulations, including PCIDSS and ISO 27001 standards. Direct investigations into security breaches and liaise with the Information Rights team on data protection legislation. Promote a strong information security culture across the organization. Required Qualifications A list of the educational and professional qualifications required for the position. Bachelor's degree in Information Technology, Computer Science, Cybersecurity, or a related field. Extensive experience in senior management within a complex IT organization, including service delivery, application development, and IT infrastructure. Proven track record in managing and delivering transformational security improvements across an organization. Strong understanding of Information Security best practices, risk management, and relevant standards (e.g., ISO 27001, PCIDSS). Experience in leading, developing, and motivating a team of security professionals. Strong strategic thinking, leadership, and stakeholder management skills. Show more Show less