Information Security Officer

About Open:

OPEN is a leading connected finance platform that empowers finance teams to manage their cashflow better by managing all their business finance systems, right from banking to accounting ERP, payments,CRM, HRMS etc. - in one place.

OPEN, India's 100th Unicorn, has been awarded the 'Best Workplace 2024' by IEEE in 2024. And was recognised by Forbes India and D Globalist's as 'Top 10 companies among 200 Companies' and was featured in IDFC FIRST Private Hurun India's Top 200 Self-made Entrepreneurs of the Millennia 2023. OPEN was also the recipient of 'Best Digital Banking Solution' from the Global Fintech Fest in 2022 and had won the 'Most Innovative Neo Bank' & the 'Most Innovative Digital Bank' at the Indian Fintech Awards in 2021 & Internet and Mobile Association of India (IAMAI) respectively.

We are currently home to some of the smartest & brightest 500+ minds in the fintech space. OPEN is a Series D funded startup backed by leading international funds like Temasek, Google, Tiger Global, IIFL Finance Ltd.,SBI Holdings Japan, 3one4 Capital, Speed Invest, Beenext, Tanglin Venture Partner Advisors & Angellist to name a few. And to build and strengthen this superpower, we're on the lookout for an amazing Information Security Officer

Experience: 6 +years

Location: Bangalore

Responsibilities:

• Maintain and update information security related compliances such as ISO 27001, GDPR, SOC 2 ,, PCIDSS, RBI SAR on PAPG and DL
• Conduct periodic risk assessments and internal audits and vendor risk assessments
• Maintain compliance related documents across all scoped functions; Provide continuous support to the teams in their compliance journey.
• Perform ongoing refactoring of implemented controls.
• Liaise closely with the IT and Engineering team to implement best in class information/data security/privacy controls.
• Identify opportunities to adopt innovative technologies and best practices.
• Be the information security SPOC for our Regulatory Body ( RBI) external banking clients for cyber security related queries and closure.
• You should be able to prepare detailed data flow diagrams and documents for both clients and internal
• Addressed and remediated audit findings through process improvements, policy updates, and technical controls to ensure compliance and reduce risk
• Build a team of security officers to dedicatedly work for each of our banking clients for maintaining compliance and supporting banks queries.

Requirements

• 6+ years of experience in implementation and maintenance of information security related compliances.
• Excellent understanding of IT , SDLC ,Devops processes.
• Develops and delivers security awareness training and conducts phishing simulations to reduce user risk
• Very good understanding of cloud architecture/technologies like kubernetes,docker, infrastructure as a code etc is a plus.
• Understanding of cloud platforms like AWS is a must. You should be able to communicate efficiently with devops teams.
• Should be proficient conducting internal audits.
• Understanding of security engineering ( VAPT, devsecops etc ) and tools CSPM,DLP,WAF,EDR,SIEM,ASM ) is required.
• Should be able to lias with security engineering teams, vendors ,incident response teams for smooth implementation of compliances.

Why work at Open?

• You will be part of the early tribe that is changing the way business banking rolls.
• Every atom of your work will impact the way millions of businesses are run.
• You will work with some of the brightest minds who will celebrate your quirks.
• You will find growth & fun to be two-way streets - how you thrive and the way you jive, in turn drives Open.