Chief Information Security Officer

About Tazapay
Tazapay is a global cross-border payment platform that enables businesses to seamlessly
transact across fiat and stablecoins. With a robust Pay-in and Pay-out network spanning
multiple geographies, Tazapay offers unparalleled flexibility in payment methods, including
named virtual accounts, alternative payment methods (APMs), and stablecoins.
Licensed in Singapore, Canada, USA, Australia Tazapay provides a fully compliant and
transparent payment infrastructure that allows businesses to offer fiat and stablecoin-based
transactions to their underlying clients. Its platform ensures effortless onboarding of
merchants while also supporting white-label solutions, empowering businesses to scale their
global payments without operational complexity.
With Tazapay, enterprises can bridge the gap between traditional finance and digital assets,
ensuring interoperability, compliance, and seamless cross-border transactions at scale.
We are passionate about building reliable, secure, and cutting-edge payment solutions that
empower businesses. We are seeking a visionary and experienced security leader to join
our team and drive our information security future.

Role Overview
Technical and strategic leader for all things security, from cloud infrastructure to application,
data, and endpoint security in a global payments fintech startup ,working closely with
engineering, infrastructure, product and compliance teams.
This role carries group-wide responsibility for ensuring that Tazapay's information security
controls, policies, and practices comply with regulatory expectations across all jurisdictions
where Tazapay operates (including MAS TRM Guidelines in Singapore, FINTRAC in
Canada, AUSTRAC/ASIC in Australia, CBUAE in Dubai, and emerging EU/UK standards
such as DORA/NIS2). The CISO acts as a key control owner jointly accountable with the
Chief Compliance Officer for the verification, testing, and effectiveness of technical and
procedural safeguards.
Location: Bangalore (HSR Layout, In Office)
Reports to: CTO + Dotted line to Chief Compliance Officer (for regulatory control
assurance)

Key Responsibilities
● Develop and Implement the security strategy working closely with engineering,
infrastructure, product , compliance and operations teams and leaders.
● Product security: Enforce Secure Software Development lifecycle , ensure product
/feature architecture and designs are reviewed from the security perspective, drive
DevSecOps and shift left security. Manage internal and external penetration testing,
vulnerability management and responsible disclosure. Evaluate the security of
partner and third party integrations.
● Infrastructure and Cloud security : Enforce secure cloud architecture ( AWS) .
Implement CSPM / CWPP/SIEM . Ensure secure network segmentation, secret
management, encryption standards, vulnerability and patch management. Ensure all
cloud and infrastructure controls align with regulatory obligations (e.g., MAS TRM,
ISO 27001, SOC 2, NIST CSF) and are tested regularly as part of compliance
assurance cycles.
● IT Security : Identity and Access management , endpoint security , email security,
DLP, security of tools and applications for employees. Oversee adherence to data
protection, localization, and access management standards applicable under each
licensing regime.
● Compliance: Partner with the Compliance team and stakeholders to establish and
enforce the security governance framework. Lead information security aspects of
internal and external audits. Maintain and enforce policies around security, data
handling, data classification, data privacy. Be the liaison around information security
with regulators, auditors and partners. Ensure that regulatory inspections (MAS,
FINTRAC, AUSTRAC, CBUAE, EU/UK authorities) are fully supported with technical
evidence of control design and operation. Maintain continuous readiness for audit
and certification.
● Drive security incident management process. Establish play books, Integrate threat
intelligence , Red/Blue teaming as needed. Ensure incident response processes
satisfy regulatory reporting obligations in each jurisdiction, including timely escalation
and documentation.
● Build and mentor a high performance security engineering team
● Build security awareness company wide. Enable the upskilling of engineering
organisations on security, develop security champions. Foster a culture of
compliance-by-design and ensure security ownership across product and operations
teams.

Qualifications
● 12–18+ years of experience in technical information security, including at least 4+
years in a Senior Security Engineering leadership role with a fintech
● Deep understanding of cloud-native architectures (AWS/GCP/Azure), and
microservices-based fintech stacks.
● Hands-on experience with Application Security , DevSecOps, infrastructure security.
● Experience working with payments or financial infrastructure, ideally under regulated
environments
● Prior experience engaging with card networks, banks, and payment processors on
security & compliance audits.
● Strong familiarity with regulatory control frameworks governing technology risk and
data protection across one or more jurisdictions (Example: MAS TRM, FINTRAC,
AUSTRAC/ASIC, CBUAE, DORA/NIS2, ISO 27001, NIST). Ability to translate these
regulatory expectations into concrete technical controls and evidence.

Preferred Qualifications
● Familiarity with stablecoins, blockchain infrastructure, and cryptocurrency custody
models (hot/cold wallet security, signing keys, HSM integrations).
● Security certifications such as CISSP, CISM, OSCP, or AWS Security Specialty.
● Exposure to global cross-border licensing frameworks
● Experience working with or reporting to regulators and external auditors on technology
risk matters. Demonstrated capacity to align technical design with regulatory
requirements across multiple entities.

Why Join Tazapay?
● Opportunity to shape the future of global trade and payments.
● Work alongside world-class leadership and visionary founders.
● Backed by premier investors and poised for exponential growth.
● Autonomy and ownership with high visibility and impact.
● Competitive compensation including salary, bonus and equity package.
● Opportunity to work with a talented and passionate team.
● Significant impact on the company's success and the payments landscape.

---