Senior Partner - Security Compliance

RateGain Travel Technologies Limited is a global provider of AI-powered SaaS solutions for travel and hospitality, collaborating with 3,200+ customers and 700+ partners in 100+ countries to enhance revenue generation through acquisition, retention, and wallet share expansion. Our organization is a key player in processing electronic transactions, price points, and travel intent data, assisting revenue management, distribution, and marketing teams in various sectors such as hotels, airlines, meta-search companies, and more. Founded in 2004 and based in India, RateGain has established partnerships with 26 of the Top 30 Hotel Chains, 25 of the Top 30 Online Travel Agents, 4 of the Top 5 Airlines, and major car rentals, including 16 Global Fortune 500 companies, to facilitate revenue growth consistently. RateGain offers a wide array of products designed to empower businesses in the Travel and Hospitality industry to boost revenue, optimize digital presence, and elevate customer experiences. Our key products include UNO, a cutting-edge AI-powered revenue maximization platform, Distribution for seamless inventory and pricing management, Demand Booster for driving traffic to hotel websites, and DAAS providing real-time data and insights for informed decision-making. As the Senior Partner - Security Compliance at RateGain, you will play a crucial role in developing, implementing, and managing the organization's security compliance and governance framework. Your responsibilities will involve ensuring adherence to regulatory standards such as GDPR, PCI DSS, ISO 27001, NIST, SOC 2, DPDP, and SEBI CSCRF, while proactively identifying and mitigating cybersecurity risks. Collaborating with internal and external stakeholders, managing audits, driving security awareness, and continuously enhancing compliance programs will be key aspects of your role to support business objectives effectively. Your day-to-day activities will include developing and managing cybersecurity governance frameworks aligned with global and local regulations, ensuring IT policies comply with industry standards, staying updated on regulatory changes, conducting security assessments and gap analysis, leading audits and regulatory assessments, assessing security risks, managing third-party vendor compliance, overseeing incident management, implementing cloud security governance, and driving security awareness initiatives. To qualify for this role, you should hold a Bachelor's degree in Computer Science, Cybersecurity, or a related field (Masters preferred), along with 7+ years of experience in cybersecurity governance, compliance, and risk management. Certifications such as CISSP, CISA, CISM, CRISC are preferred. Your knowledge should encompass expertise in security frameworks (ISO 27001, NIST, PCI DSS, GDPR, SOC 2, SEBI CSCRF), a strong understanding of cybersecurity governance, risk management, and compliance, and in-depth knowledge of IT security policies, risk indicators, and regulatory obligations. Moreover, your skills should include conducting security compliance assessments, risk analysis, and remediation planning, technical expertise in IT governance, cloud security, and incident response, as well as strong leadership, stakeholder management, and communication skills. Your attitude should reflect strategic thinking and problem-solving in cybersecurity risk and compliance, effective collaboration with internal and external teams, and adaptability to evolving cybersecurity regulations and best practices.,