Senior Information Security Leader (4-8 yrs)

We are looking for a senior Information Security leader to join our rapidly growing fintech company. Prior experience in a regulated financial environment such as an NBFC, payment aggregator, PPI, or bank is essential. In this strategic role, you will define and drive our cybersecurity vision, ensure compliance with evolving regulations, protect critical digital assets, and strengthen our overall security posture. This is a key leadership position, working closely with executive teams to build a secure and scalable future.

Responsibilities :

- Lead the company's information security and risk management strategy.

- Safeguard data, intellectual property, and technology assets from internal and external threats.

- Ensure compliance with data privacy and cybersecurity regulations (e. g., DPDP, GDPR).

- Develop, implement, and enforce security policies, procedures, and incident response plans.

- Partner with business and IT leaders to embed security across operations and ensure resilience.

- Design and manage a comprehensive security program spanning cyber defense, data

protection, and threat detection.

- Conduct risk assessments, oversee mitigation strategies, and manage security controls across on-prem and cloud infrastructure.

- Lead incident detection, response, recovery, and continuous improvement of the security posture.

- Ensure compliance through regular audits, regulatory reporting, and vulnerability assessments.

- Promote a culture of security through awareness training and cross-functional engagement.

- Monitor the evolving threat landscape and advise leadership on emerging risks and technologies.

Requirements :

- Bachelor's degree in Information Security, Computer Science, or related field.

- 6+ years in a senior information security role (e. g., CISO, Security Lead), with direct experience in a fintech, NBFC, banking, or regulated financial services environment.

- Strong grasp of cybersecurity frameworks (e. g., ISO 27001), threat modeling, and risk governance.

- Hands-on experience with firewalls, IDS/IPS, encryption, and other core security technologies.

- In-depth understanding of data protection laws and regulatory standards.

- Proven track record of leading and developing high-performing security teams.

Preferred Qualifications :

- Certifications such as CISSP, CISM, CISA, or equivalent.

- Experience securing cloud platforms (AWS, Azure, GCP).

- Familiarity with DevSecOps, secure SDLC, and application security.

- Background in penetration testing, ethical hacking, or incident forensics.

- Proficiency with SIEM and security analytics tools.

- Exposure to AI/ML applications in cybersecurity is a plus.