Head of Information Security (CISO)

10 years

0 Lacs

Posted: 2 days ago | Platform: LinkedIn

Work Mode

On-site

Job Type

Full Time

Job Description

Job Title:

Location:

Type

Department:


Position Summary

Chief Information Security Officer (CISO)


Key Responsibilities

1. Security Strategy & Governance

  • Develop and lead a comprehensive cybersecurity strategy in line with RBI regulations and industry standards (e.g., PCI-DSS, ISO 27001, NIST).
  • Establish and maintain security policies, procedures, and controls to protect customer and transactional data.
  • Oversee the operation and continuous improvement of the Information Security Management System (ISMS).

2. Regulatory Compliance

  • Ensure full compliance with RBI Guidelines on Payment Aggregators, including mandatory 24-hour reporting of security incidents to RBI’s Department of Payment and Settlement Systems and CERT-In.
  • Ensure adherence to applicable regulations such as PCI-DSS, GDPR (if applicable), and ISO standards.
  • Liaise with internal/external auditors and regulators to conduct regular security reviews and audits.

3. Incident Management

  • Design and maintain an effective cybersecurity incident response framework.
  • Lead investigations, containment, remediation, and post-incident reviews of security breaches or cyber threats.
  • Ensure timely submission of root cause analyses and regulatory reporting of incidents.

4. Vendor and Third-Party Risk Management

  • Lead security assessments and due diligence of third-party service providers, technology partners, and cloud vendors.
  • Evaluate vendor compliance with security certifications (e.g., ISO 27001, PCI-DSS) and reporting capabilities.
  • Define and enforce security requirements in vendor contracts and SLAs.

5. Cyber Risk Management

  • Conduct enterprise-wide risk assessments and develop risk treatment plans for critical systems and processes.
  • Deploy controls to address threats such as data breaches, fraud, malware, and DDoS attacks.
  • Monitor emerging threats, vulnerabilities, and attack trends in the digital payments landscape.

6. Team Leadership & Awareness

  • Build, mentor, and manage a high-performing cybersecurity team.
  • Promote a strong security culture through employee awareness programs and regular training.
  • Work cross-functionally with IT, Compliance, Legal, and Operations to embed security into business workflows.

7. Technology Leadership

  • Evaluate, deploy, and manage cutting-edge cybersecurity technologies including SIEM, firewalls, EDR, IDS/IPS, encryption, and fraud prevention systems.
  • Ensure secure design and integration of APIs, payment gateways, and technical infrastructure.
  • Stay informed of innovations in cybersecurity, digital payments, and data protection.


Qualifications & Experience

Education:

  • Bachelor’s or Master’s degree in Computer Science, Information Security, Cybersecurity, or a related field.
  • Professional certifications such as CISSP, CISM, CISA, or CRISC are highly preferred.

Experience:

  • Minimum 10+ years of progressive experience in cybersecurity, with at least 5 years in a senior leadership role.
  • Extensive experience in managing security within payment processing, fintech, or financial services environments.
  • Demonstrated experience in RBI-compliant security practices, incident reporting, and regulatory engagement.
  • Proven track record of PCI-DSS and ISO 27001 compliance implementation and audit management.

Skills & Competencies

  • In-depth knowledge of information security standards and frameworks (e.g., ISO 27001, NIST, OWASP).
  • Strong understanding of RBI Guidelines for Payment Aggregators and regulatory reporting procedures.
  • Proficiency in cloud security, API security, encryption protocols, and fraud detection systems.
  • Excellent leadership, communication, and stakeholder management skills.
  • Ability to analyze complex risks and design effective, pragmatic solutions.

Preferred Qualifications

  • Experience working with regulatory authorities such as RBI, CERT-In, or NPCI.
  • Background in vendor risk management and secure third-party integrations.
  • Awareness of emerging technologies in payments, including blockchain, UPI, or tokenization.


Why Join Us?

  • Lead security for a growing and mission-driven fintech at the forefront of India’s digital payments revolution.
  • Collaborate in a dynamic environment with innovation at its core.
  • Competitive compensation, performance-based incentives, and comprehensive benefits.
  • Opportunity to shape national payment security practices and influence regulatory policy adherence.
