Chief Information Security Officer

Indifi is an exciting, well-funded fintech start-up enabling micro, small and medium enterprises (MSME) financing in India, by providing small businesses access to multiple lenders. The company has received funding from top-tier VC firms such as Accel Partners, Elevar Equity and Omidyar Network. We are developing a lending platform that is unique amalgamation of customer acquisition, data acquisition through integration with diverse financial infrastructure in India, automated underwriting, documentation and payment gateways. Technology platform consist of micro Services predominately built using Angular.js, Node.js, Java, Python, RDBMS and Analytics stores by leveraging Big Data and open-source technologies. Scalability, stability, quick feature turnaround and agility including continuous integration and deployment are core pillars of technology execution.

Key Responsibilities : ● Establish, implement and monitor a strategic, comprehensive enterprise information security and IT risk management program ● Work directly with the business units to facilitate risk assessment and risk management processes ● Develop and enhance an information security management framework. ● Understand and interact with related disciplines through committees to ensure the consistent application of policies and standards across all technology projects, systems and services ● Provide leadership to the enterprise's information security organization ● Partner with business stakeholders across the company to raise awareness of risk management concerns ● Assist with the overall business technology planning, providing a current knowledge and future vision of technology and systems ● Conduct regular internal audits in compliance with applicable legal and contractual requirements, ISO 27001 and PCI DSS requirements and companies internal requirements ● Conduct regular Management reviews and update the management on information security aspects. The MRMs shall also focus on drawing Management attention to the key areas for required management actions. ● Ensure customer audits as well as re-certification and surveillance audits. ● Coordinate with relevant stakeholders to address the NC closures. ● Ensure the information incidents are responded and resolved on time to ensure compliance with legal and contractual requirements.

What you will need to succeed: ● Degree in business administration or a technology-related field required ● Professional security management certification ● Minimum of 3 years of experience in a combination of risk management, information security and IT jobs ● Knowledge of common information security management frameworks, such as ISO/IEC 27001, and PCI DSS. ● Excellent written and verbal communication skills and high level of personal integrity ● Innovative thinking and leadership with an ability to lead and motivate cross-functional, interdisciplinary teams ● Experience with contract and vendor negotiations and management including managed services. ● Experience with Cloud computing/Elastic computing across virtualized environments.