Chief Information Security Officer

We are seeking a hands-on expert to own and execute our end-to-end security audits and compliance initiatives across applications, infrastructure, and organizational processes. This role ensures our systems, applications, and business operations are secure, compliant, and aligned with both internal policies and regulatory requirements.

The ideal candidate will possess a security-first mindset, being committed to protecting data and ensuring system integrity. They should also have a builder's DNA, going beyond assessment to think proactively about potential risks.

• Conduct technical assessments required by new clients.
• Analyse and complete detailed cloud infrastructure security and compliance questionnaires.
• Assist in mapping customer security and regulatory requirements to internal controls.
• Maintain documentation and templates for commonly requested assessment artifacts.
• Manage and complete security questionnaires from clients, vendors, and partners.
• Evaluate vendor security and compliance by reviewing their responses and supporting documentation.
• Identify security risks within the company's IT infrastructure, applications and services.
• Assess potential risks posed by vendors or partners during onboarding.
• Ensure compliance with security standards such as ISO 27001, GDPR, SOC 2, or any other relevant frameworks.
• Collaborate with internal teams to maintain compliance with legal and regulatory requirements.
• Develop and maintain internal security policies and procedures related to vendor assessments and third-party risk management.
• Prepare detailed reports summarizing findings from security assessments and risk analysis.
• Provide recommendations to improve security measures and compliance.
• Educate internal staff and external partners about security best practices and compliance requirements.
• Stay updated with AWS best practices, shared responsibility model, and emerging cloud security trends.

Requirements:

• Bachelor's degree in computer science, information security, data science, or a related field.
• 5+ years of experience working with audit/compliance, application security assessments, AWS cloud security preferably BFSI domain.
• Strong exposure to AWS cloud infrastructure (Guard Duty, security hub, inspector, Firewall, IAM, EC2, VPC, S3, Security Groups, etc.).
• Familiarity with secure coding practices, vulnerability management, and threat modelling.
• Experience with VRA templates, cloud security checklists, and assessment responses for enterprise or regulated clients.
• Familiarity with information security standards such as ISO 27001, SOC 2, RBI cybersecurity framework.
• Strong understanding of data protection, encryptions methodologies.
• Strong written and verbal communication skills to liaise with technical and non-technical stakeholders.
• Ability to interpret and explain security configurations and policies in layman's terms.
• Experience with security controls, vulnerability scanning tools (e.g., Nessus, wire shark), or SIEM.
• Exposure with security tools such as network firewall, IPS/IDS is plus.

What We Are Looking For:

• A mentor & leader – Invests in growing people as well as systems.
• A sharp problem-solver – Brings clarity and structure to complex issues.
• A bias for action – Values timely execution, grounded in solid design.
• An owner mentality – Takes pride in delivering reliable, secure systems.
• A quick learner – Keeps pace with evolving threats and security trends.
• Highly disciplined – Detail-oriented with strong follow-through.

Other Details:

We offer an annual appraisal cycle.