Senior Security Manager-Paytm Money

We are seeking a cyber security professional who is responsible for providing strategic and

technical leadership across cybersecurity engineering, architecture, and governance functions.

This position ensures the design, implementation, and oversight of robust security controls while

driving adoption of new security technologies through structured evaluations and proof-of-

concepts.

The role plays a critical part in strengthening the organization's cyber resilience by governing

SOC operations, vulnerability management programs, cyber drills, and continuous monitoring of

the external attack surface and brand threats. It also ensures strong alignment with regulatory

and audit requirements, including SEBI and ISO standards, while serving as a key stakeholder

interface for senior management, auditors, and regulators.

Key Responsibilities

Design, review and govern enterprise-wide security architectures across on-prem, cloud,

and hybrid environments.

Evaluate, implement and optimize security technologies aligned with organizational risk

posture.

Drive security design reviews for new applications, infrastructure and platforms.

Lead evaluation of emerging security technologies through structured POCs.

Assess effectiveness, scalability and regulatory compliance of new security solutions.

Provide recommendations for technology adoption and roadmap alignment.

Establish and enforce cybersecurity governance frameworks, standards and control

baselines.

Ensure alignment of security controls with business, regulatory and risk requirements.

Provide oversight on security deviations, exceptions, and risk acceptance.

Own and manage enterprise vulnerability assessment and remediation programs.

Oversee internal and external VA/PT activities and track remediation metrics.

Ensure timely closure of vulnerabilities based on risk prioritization.

Provide governance oversight for SOC operations, monitoring effectiveness and incident

response readiness.

Define KPIs, SLAs and reporting mechanisms for SOC performance.

Plan and conduct periodic cyber security drills, tabletop exercises and simulated attack

scenarios.

Oversee external attack surface monitoring to identify exposed assets and potential

threats.

Manage brand monitoring programs to detect phishing, impersonation, and reputation

risks.

Coordinate with internal and external stakeholders for mitigation actions.

Ensure compliance with SEBI cybersecurity and cyber resilience requirements.

Lead and support ISO 27001 compliance and risk assessments.

Interface with auditors, regulators and internal stakeholders for assessments and

closures.

Qualifications and Experience:

1215 years of progressive experience in cybersecurity, including security engineering,

architecture, governance, risk management, and audit.

Proven experience in designing and governing enterprise security architectures and

leading complex security initiatives.

Strong hands-on and governance experience across vulnerability management, SOC

oversight, incident response, and cyber resilience programs.

In-depth understanding of regulatory and compliance requirements, particularly SEBI

cybersecurity frameworks and ISO 27001, ISO 27005, and ISO 31000 standards.

Demonstrated ability to lead cross-functional teams and engage effectively with senior

stakeholders, auditors, and regulators.

Bachelor's or Master's degree in Engineering, Computer Science, Information Security,

or a related discipline.

Professional certifications such as CISSP, CISM, CCSP, ISO 27001 Lead

Auditor/Implementer, or equivalent are highly desirable.