Sr Information Security ( IC role & Certification preferred)

Dear Candidates,

Greetings!

Enclosed below the Job description-

Key Responsibilities:

Security Operations & Incident Management

• Monitor and manage daily security operations, including threat detection, incident response, and log analysis through SOC tools.
  
• Coordinate incident handling activities and conduct root cause analysis and reporting.
  
• Maintain and update the incident response playbook and ensure relevant stakeholders are informed.
  

Regulatory Compliance & Risk Management

• Support internal and external audits related to RBI, NPCI, CERT-In, PCI DSS, and ISO 27001.
  
• Maintain compliance documentation and evidence for inspections and partner audits.
  
• Conduct risk assessments, BCP/DR drills, and vendor security reviews.
  

Cloud & Payment Systems Security

• Work closely with DevOps and engineering teams to secure UPI, IMPS, AEPS, and other API-based payment platforms.
  
• Ensure security best practices in deployment architectures on AWS, Azure, or OCI, including key management, encryption, and access controls.
  
• Facilitate VAPT activities and follow-up on remediation.
  

Policy Implementation & Governance

• Assist in the development and enforcement of security policies, standards, and procedures.
  
• Track policy compliance and manage exceptions or deviations through a formal risk acceptance process.
  
• Conduct periodic security awareness training across the organization.
  

Collaboration & Cross-Functional Support

• Act as a liaison between security and other departments including product, engineering, legal, and compliance.
  
• Support customer due diligence processes, including responding to security questionnaires.
  
• Prepare and present periodic reports on the organizations security posture to leadership.
  

Qualifications & Experience:

• Bachelors degree in Computer Science, Information Security, or a related field. Master’s preferred.
  
• 5–8 years of relevant experience in information security, preferably in a fintech, banking, or payments environment.
  
• Strong working knowledge of cloud security (AWS, Azure, OCI), API security, and payment platforms.
  
• Experience with regulatory audits, RBI/NPCI compliance, and security standards (ISO 27001, PCI DSS).
  

Certifications (Preferred):

• CISSP, CISM, CEH, CCSP, ISO 27001 Lead Auditor, or PCI DSS Implementer.
  

Desired Attributes:

• Strong analytical and problem-solving skills.
  
• Excellent communication and stakeholder management abilities.
  
• Detail-oriented with a focus on operational excellence.
  
• Passionate about secure digital payments and emerging fintech security trends.

Regards,

Human Resource