PAY10 - Technical Security Manager - SIEM

Description : Job Title - Technical Security ManagerLocation - DelhiRole Overview : The Technical Security Manager Information Security will play a pivotal role in safeguarding Pay10s technology infrastructure, applications, and network ecosystem across all operations within India.This role combines hands-on cybersecurity expertise with strong technical control implementation and compliance oversight under RBIs IT and Cybersecurity Framework for Payment System Operators.The incumbent will be responsible for monitoring, detection, and response to threats, defining network and infrastructure controls, and ensuring compliance with relevant standards such as RBI IT Framework, PCI DSS, ISO 27001, SOC 2, and data localization requirements.Key Operations & Monitoring : - Lead Security Operations Centre (SOC) activities, ensuring proactive detection, investigation, and response to security incidents.- Monitor and correlate events using SIEM platforms (e.g., Splunk, Sentinel, QRadar).- Conduct incident triage, root cause analysis, and coordinate timely containment and recovery.- Ensure adherence to RBIs cyber incident reporting timelines (e.g., within 26 hours for major incidents).- Maintain incident management workflows and escalation processes in line with RBI standards.- Collaborate with Managed Security Service Providers (MSSPs) for continuous monitoring and log management.Network & Infrastructure Security : - Design, configure, and manage secure network architecture including firewalls, VPNs, WAF, IDS/IPS, and segmentation.- Ensure compliance with RBI-prescribed controls on hardening, patching, and security logging for payment systems.- Perform infrastructure vulnerability assessments and oversee timely patch management.- Maintain network topology, baseline configurations, and documentation for audit readiness.- Ensure all regulated data (cardholder, transaction, and PII) is stored, processed, and maintained only in data centers located in India, in compliance with RBI data localization mandates.Cloud & Application Security : - Oversee implementation of cloud security controls (CSPM, CWPP, IAM policies) for Pay10s AWS, Azure, or hybrid environments.- Partner with DevOps to embed DevSecOps practices, including automated code reviews, SAST/DAST scanning, and secure CI/CD pipelines.- Conduct application security reviews and validate controls aligned to OWASP Top 10 and PCI DSS 4.- Secure APIs and integrations used in payment processing and fintech applications.- Review application security configurations for compliance with RBI and PCI-DSS encryption and key management requirements.Threat & Vulnerability Management : - Lead the end-to-end vulnerability management program, ensuring prompt detection, prioritization, and remediation.- Conduct periodic vulnerability scans, penetration testing, and red team assessments as required by RBI.- Maintain a central vulnerability register and track closure with IT, DevOps, and business teams.- Establish patch governance framework and periodic reporting to the CISO office.- Integrate threat intelligence sources to anticipate and mitigate emerging risks.Access Control & Identity Management : - Define and enforce Identity and Access Management (IAM) and Privileged Access Management (PAM) policies.- Implement least-privilege principles, multi-factor authentication (MFA), and SSO across all systems.- Conduct quarterly access reviews and entitlement audits to ensure compliance with RBIs access control guidelines.- Maintain logs and reports for all privileged account activities as part of RBIs audit trail requirements.Compliance, Audit & Risk Management : Ensure compliance with : - RBI Cyber Security Framework for Payment System Operators- RBI Master Direction on IT Governance, Risk, Controls & Assurance Practices- PCI DSS, ISO 27001, and SOC 2 frameworks- Coordinate internal and external IT and cybersecurity audits.- Prepare and submit quarterly and annual IT & Cyber Risk reports to the CISO and Compliance Committee.- Support banking partner and regulator-driven audits with evidence, control documentation, and remediation tracking.- Maintain an up-to-date Information Security Risk Register and report risk status to management.- Conduct vendor risk assessments and due diligence before onboarding third-party service providers, ensuring alignment with RBIs Third-Party Risk Management Guidelines.Incident Response & Business Continuity : - Maintain the Incident Response Plan (IRP) and ensure regular testing and updates.- Conduct incident simulations and tabletop exercises for critical applications.- Lead post-incident reviews and document lessons learned and preventive measures.- Ensure Business Continuity (BCP) and Disaster Recovery (DR) drills are conducted periodically, meeting RTO/RPO objectives.- Document and maintain all DR test results for submission during RBI or partner bank audits.Awareness, Documentation & Reporting : - Conduct security awareness and phishing simulation programs for Pay10 employees.Maintain detailed documentation for : - Incident response- Risk registers- Vulnerability remediation- Audit evidence and compliance matrices- Develop and present cybersecurity posture dashboards and KPI reports for the CISO and management.- Conduct secure coding workshops and sessions for development and operations teams.Required Qualifications : - Bachelors degree in Cybersecurity, Computer Science, or Information Technology, or equivalent hands-on experience.- 6 to 10 years of experience in technical cybersecurity operations and risk management.- Proven experience working in FinTech, banking, or other RBI-regulated financial environments.- Strong understanding of RBI IT & Cybersecurity Framework, PCI DSS, and ISO 27001.- Experience in incident management, network security, and vulnerability management.Preferred Certifications : - CISSP, CISM, or CISA (for governance and audit readiness).- CompTIA Security+, CEH, or GSEC (for technical skills).- ISO 27001 Lead Implementer/Auditor or PCI DSS ISA (for compliance management).- AWS Certified Security Specialty or Azure Security Engineer Associate (for cloud security controls).Technical Skills : - Expertise with SIEM, EDR, and SOAR platforms (e.g., Splunk, Sentinel, CrowdStrike, Defender).- Strong command of network and infrastructure security tools (e.g., Fortinet, Palo Alto, Check Point).- Proficiency with vulnerability management tools (e.g., Qualys, Nessus, Rapid7, Tenable).- Familiarity with container orchestration and API security (Kubernetes, Docker).- Working knowledge of infrastructure-as-code tools (Terraform, Ansible).Soft Skills & Attributes : - Strong analytical and decision-making skills under pressure.- Excellent communication and stakeholder management abilities.- Proactive and organized approach to security control execution and compliance.- Collaborative and detail-oriented, capable of working closely with IT, DevOps, and Compliance teams (ref:hirist.tech)