We are seeking an experienced Information Security Expert with a strong background in managing security for mission-critical environments. The role demands both strategic oversight and hands-on expertise in securing infrastructure, applications, and operational processes. This individual will play a pivotal role in safeguarding our systems and ensuring compliance with leading security standards, customer expectations, and industry best practices.
Key Responsibilities
- Perimeter & Infrastructure Security:
- Design, implement, and monitor security controls across networks, firewalls, endpoints, and data centres to ensure robust protection of trading environments.
- Access Controls & Identity Management:
- Define and manage role-based access, MFA, privileged account management, and user lifecycle processes to prevent unauthorized access.
- Application & API Security:
- Establish secure coding practices and conduct regular code reviews, vulnerability scans, and penetration testing for applications, APIs, and trading platforms.
- Security Testing & Assurance:
- Set up and run a structured security testing practice embedded into the engineering and deployment lifecycle. Integrate tools (SAST, DAST, vulnerability scanners, etc.) for continuous assurance.
- Standards & Frameworks:
- Drive adoption of OWASP, ISO 27001, CIS Benchmarks, and other industry best practices across the organization.
- Audit & Compliance Liaison:
- Work closely with auditors, customers, and partners to ensure readiness for compliance reviews, VAPT audits, and security certifications.
- Incident Response & Monitoring:
- Develop and maintain incident response playbooks, run security drills, and ensure SIEM/SOC monitoring for proactive threat detection.
- Training & Awareness:
- Conduct periodic awareness sessions for engineering, operations, and customer success teams on secure practices.
Qualifications & Experience
- 710 years of experience in Information Security, preferably in financial markets / BFSI sector.
- Proven track record of hands-on security implementation in Financial Markets, Trading systems, banking platforms, or other high-transaction environments.
- Strong understanding of security governance, risk management, and compliance processes aligned with international standards.
- Familiarity with tools & platforms like Splunk/QRadar, Qualys, Burp Suite, Nessus, CrowdStrike, or equivalent.
- Certifications preferred: CISSP, CISM, CEH, OSCP, CCSP, or equivalent.
Key Skills
- Deep understanding of perimeter defense, endpoint security, encryption, IAM.
- Strong application security knowledge OWASP Top 10, secure SDLC, DevSecOps.
- Ability to interface confidently with regulators, auditors, and CXOs.
- Analytical mindset with hands-on troubleshooting ability in complex environments.
- Excellent written and verbal communication skills
