Sr. Cyber Security Engineer
Company Name: Travtech Software Location: Bengaluru Work Mode: Work from office Role: Sr. Cyber Security Officer Reporting to: EVP Travtech seeking a Senior Cybersecurity Officer to lead and manage our cybersecurity initiatives in a fast-paced, product-driven environment within the travel technology industry . This role is critical in ensuring the security of our platforms, customer data, and internal systems while supporting agile product development, third-party integrations, and global customer operations. Key Responsibilities: Cybersecurity Strategy & Governance: Develop, implement, and maintain a comprehensive cybersecurity strategy aligned with business goals and regulatory requirements. Lead risk assessments and audits across systems, products, and data environments. Define and enforce security policies, frameworks, and best practices across the organization. Product Security: Work closely with product and engineering teams to embed security into the SDLC (Secure Development Lifecycle). Conduct security reviews of application architecture, APIs, and third-party integrations commonly used in the travel domain (e.g., GDS systems, booking engines, payment gateways). Coordinate secure code reviews and threat modeling for new and existing products. Incident Response & Threat Management: Lead security incident response efforts, from detection to containment and post-mortem analysis. Monitor threat intelligence and emerging cyber risks relevant to the travel industry. Compliance & Data Protection: Ensure adherence to data protection and privacy regulations like GDPR, PCI-DSS, and regional travel-specific compliance standards. Collaborate with legal, compliance, and IT teams to maintain audit readiness and regulatory reporting. Team Leadership & Awareness: Mentor security team members and lead cross-functional training efforts. Drive security awareness and training across development and business teams. Qualifications: Bachelor’s or Master’s in Computer Science, Cybersecurity, Information Technology, 10+ years of experience in information security, with 4+ years in a senior or lead role. Experience in product-based companies, preferably in the travel, or fintech domains. Strong understanding of: Web and API security Cloud platforms (AWS, Azure, GCP) DevSecOps practices Network and endpoint security IAM, SIEM, EDR, and vulnerability management tools Hands-on knowledge of security standards and frameworks: NIST, ISO 27001, OWASP, CIS Controls, etc. Relevant certifications preferred: CISSP, CISM, CEH, OSCP, CCSP
