Job description:
1. Security Operations & Monitoring:
- Lead Security Operations Centre (SOC) activities, ensuring proactive detection, investigation, and response to security incidents.
- Monitor and correlate events using SIEM platforms (e.g., Splunk, Sentinel, QRadar).
- Conduct incident triage, root cause analysis, and coordinate timely containment and recovery.
- Ensure adherence to RBI's cyber incident reporting timelines (e.g., within 26 hours for major incidents).
- Maintain incident management workflows and escalation processes in line with RBI standards.
- Collaborate with Managed Security Service Providers (MSSPs) for continuous monitoring and log management.
2. Network & Infrastructure Security:
- Design, configure, and manage secure network architecture including firewalls, VPNs, WAF, IDS/IPS, and segmentation.
- Ensure compliance with RBI-prescribed controls on hardening, patching, and security logging for payment systems.
- Perform infrastructure vulnerability assessments and oversee timely patch management.
- Maintain network topology, baseline configurations, and documentation for audit readiness.
- Ensure all regulated data (cardholder, transaction, and PII) is stored, processed, and maintained only in data centers located in India, in compliance with RBI data localization mandates.
3. Cloud & Application Security:
- Oversee implementation of cloud security controls (CSPM, CWPP, IAM policies) for Pay10's AWS, Azure, or hybrid environments.
- Partner with DevOps to embed DevSecOps practices, including automated code reviews, SAST/DAST scanning, and secure CI/CD pipelines.
- Conduct application security reviews and validate controls aligned to OWASP Top 10 and PCI DSS 4.0.
- Secure APIs and integrations used in payment processing and fintech applications.
- Review application security configurations for compliance with RBI and PCI-DSS encryption and key management requirements.
4. Threat & Vulnerability Management:
- Lead the end-to-end vulnerability management program, ensuring prompt detection, prioritization, and remediation.
- Conduct periodic vulnerability scans, penetration testing, and red team assessments as required by RBI.
- Maintain a central vulnerability register and track closure with IT, DevOps, and business teams.
- Establish a patch governance framework and periodic reporting to the CISO office.
- Integrate threat intelligence sources to anticipate and mitigate emerging risks.
5. Access Control & Identity Management:
- Define and enforce Identity and Access Management (IAM) and Privileged Access Management (PAM) policies.
- Implement least-privilege principles, multi-factor authentication (MFA), and SSO across all systems.
- Conduct quarterly access reviews and entitlement audits to ensure compliance with RBI's access control guidelines.
- Maintain logs and reports for all privileged account activities as part of RBI's audit trail requirements.
6. Compliance, Audit & Risk Management:
- Ensure compliance with:
  - RBI Cyber Security Framework for Payment System Operators
  - RBI Master Direction on IT Governance, Risk, Controls & Assurance Practices
  - PCI DSS, ISO 27001, and SOC 2 frameworks
- Coordinate internal and external IT and cybersecurity audits.
- Prepare and submit quarterly and annual IT & Cyber Risk reports to the CISO and Compliance Committee.
- Support banking partner and regulator-driven audits with evidence, control documentation, and remediation tracking.
- Maintain an up-to-date Information Security Risk Register and report risk status to management.
- Conduct vendor risk assessments and due diligence before onboarding third-party service providers, ensuring alignment with RBI's Third-Party Risk Management Guidelines.
7. Incident Response & Business Continuity:
- Maintain the Incident Response Plan (IRP) and ensure regular testing and updates.
- Conduct incident simulations and tabletop exercises for critical applications.
- Lead post-incident reviews and document lessons learned and preventive measures.
- Ensure Business Continuity (BCP) and Disaster Recovery (DR) drills are conducted periodically, meeting RTO/RPO objectives.
- Document and maintain all DR test results for submission during RBI or partner bank audits.
8. Awareness, Documentation & Reporting:
- Conduct security awareness and phishing simulation programs for Pay10 employees.
- Maintain detailed documentation for:
  - Incident response
  - Risk registers
  - Vulnerability remediation
  - Audit evidence and compliance matrices
- Develop and present cybersecurity posture dashboards and KPI reports for the CISO and management.
- Conduct secure coding workshops and sessions for development and operations teams.