We are seeking a highly skilled and experienced Senior Manager – Information Security to lead the development and execution of our cybersecurity strategy. This role will play a key part in securing our cloud-native digital lending platforms and ensuring compliance with key regulations such as the RBI Master Directions, DPDP Act, and ISO 27001 standards. You will lead governance, risk, compliance, and security operations while collaborating with Legal, IT, Compliance, and Product teams. This is a critical leadership role in building a security-first culture and enabling business growth through robust information security practices. What You'll Do: Governance & Compliance: Develop and maintain information security policies and drive compliance with ISO 27001, SOC 2, and RBI guidelines. Act as the primary contact for audits and inspections. Risk Management: Conduct risk assessments, manage risk registers, and oversee third-party/vendor security reviews. Security Operations: Oversee tools and processes for SIEM, DLP, EDR, patch management, and incident response. Lead security incident simulations and resolution. Cloud & App Security: Manage AWS security architecture, implement CSPM programs, and embed secure coding and DevSecOps practices across CI/CD pipelines. Business Continuity & DR: Maintain and test disaster recovery and continuity plans (RTO: 60 mins; near-zero RPO). Awareness & Culture: Run regular security training, phishing drills, and promote a security-aware culture across the organization. Reporting & Strategy: Present security metrics, dashboards, and risk reports to leadership and participate in strategic IT governance forums. What We’re Looking For: 8+ years in cybersecurity or information security roles; at least 3 years in a leadership capacity. Background in fintech, NBFC, or regulated financial services preferred. Proven track record in managing audits (ISO 27001, SOC 2), incident response, and cloud security (AWS). Strong knowledge of cybersecurity tools and frameworks: AWS, SIEM, CSPM, IAM, patch management, DLP, EDR. Familiar with secure SDLC, DevSecOps, threat modeling, and regulatory compliance. Effective communicator with experience working across cross-functional teams. Certifications (preferred): CISSP, CISM, CISA, ISO 27001 Lead Auditor/Implementer, AWS Security Specialty. Bonus: DCPP, CIPP/E, or other data privacy/RBI-focused certifications. About Kissht: Kissht, a Great Place to Work® certified organization, is a consumer-first credit app that is transforming the landscape of consumer credit. As one of the fastest-growing and most respected FinTech companies, Kissht is a pioneer in data and machine-based lending. With over 15 million customers, including 40% from tier 2 cities and beyond, we offer both short and long-term loans for personal consumption, business needs, and recurring expenses. Founded by Ranvir and Krishnan, alumni of IIT and IIM, and backed by renowned investors like Endiya Partners, the Brunei Investment Authority, and the Singapore Government, Kissht is synonymous with excellence in the industry. Join us and be a part of a dynamic, innovative company that is changing the future of financial technology. Show more Show less