hirist

Information Security Expert - OWASP/SIEM

Hyrhub
Mumbai
7 - 10 Years

Posted on: 02/12/2025

Job Description

Description :

We are seeking an experienced Information Security Expert with a strong background in managing security for mission-critical environments.

The role demands both strategic oversight and hands-on expertise in securing infrastructure, applications, and operational processes.

This individual will play a pivotal role in safeguarding our systems and ensuring compliance with leading security standards, customer expectations, and industry best practices.

Key Responsibilities :

Perimeter & Infrastructure Security :

- Design, implement, and monitor security controls across networks, firewalls, endpoints, and data centres to ensure robust protection of trading environments.

Access Controls & Identity Management :

- Define and manage role-based access, MFA, privileged account management, and user lifecycle processes to prevent unauthorized access.

Application & API Security :

- Establish secure coding practices and conduct regular code reviews, vulnerability scans, and penetration testing for applications, APIs, and trading platforms.

Security Testing & Assurance :

- Set up and run a structured security testing practice embedded into the engineering and deployment lifecycle.

- Integrate tools (SAST, DAST, vulnerability scanners, etc.) for continuous assurance.

Standards & Frameworks :

- Drive adoption of OWASP, ISO 27001, CIS Benchmarks, and other industry best practices across the organization.

Audit & Compliance Liaison :

- Work closely with auditors, customers, and partners to ensure readiness for compliance reviews, VAPT audits, and security certifications.

Incident Response & Monitoring :

- Develop and maintain incident response playbooks, run security drills, and ensure SIEM/SOC monitoring for proactive threat detection.

Training & Awareness :

- Conduct periodic awareness sessions for engineering, operations, and customer success teams on secure practices.

Qualifications & Experience :

- 7 to 10 years of experience in Information Security, preferably in financial markets / BFSI sector.

- Proven track record of hands-on security implementation in Financial Markets, Trading systems, banking platforms, or other high-transaction environments.

- Strong understanding of security governance, risk management, and compliance processes aligned with international standards.

- Familiarity with tools & platforms like Splunk/QRadar, Qualys, Burp Suite, Nessus, CrowdStrike, or equivalent.

- Certifications preferred : CISSP, CISM, CEH, OSCP, CCSP, or equivalent.

Key Skills :

- Deep understanding of perimeter defense, endpoint security, encryption, IAM.

- Strong application security knowledge: OWASP Top 10, secure SDLC, DevSecOps.

- Ability to interface confidently with regulators, auditors, and CXOs.

- Analytical mindset with hands-on troubleshooting ability in complex environments.

- Excellent written and verbal communication skills.

