2+ System security Jobs in India

About the company - 
Credit cards haven't changed much for over half a century so our team of seasoned
bankers, technologists, and designers set out to redefine the credit card for you - the
consumer. The result is OneCard - a credit card reimagined for the mobile
generation. OneCard is India's best metal credit card built with full-stack tech. It is
backed by the principles of simplicity, transparency, and giving back control to the
user.

The Engineering Challenge
“Re-imaging credit and payments from First Principles”
Payments is an interesting engineering challenge in itself with requirements of low
latency, transactional guarantees, security, and high scalability. When we add credit
and engagement into the mix, the challenge becomes even more interesting with
underwriting and recommendation algorithms working on large data sets. We have
eliminated the current call center, sales agent, and SMS-based processes with a
mobile app that puts the customers in complete control. To stay agile, the entire
stack is built on the cloud with modern technologies.

Check out our apps here:
OneCard (Best credit card app) : www.getonecard.app
OneScore (5 million downloads): http://www.onescore.app" target="_blank">www.onescore.app


Security Compliance Lead
Opportunity:
Opportunity to build GRC practice grounds up for new Age Fintech startup, lead and
implement PCI-DSS, ISO-27001, RBI compliances

What you will do:
● Be SME for all applicable regulations, guidelines and industry best practices
to manage risk and ensure compliance.
● Be the single point of contact for all external entities related to Security and
Compliance communications.
● Owner for all security documentation such as policies, standards, and
procedures.
● Owner for driving security controls across all organisation functions.
● Build continuous assessment practice which is superset of all required
regulatory compliance.
● Manages and supports Information Security Risk Management Life-cycle for
the organization.
● Provide adequate security and compliance against specific standards such as
NIST 800-53, NIST 800-171, ISO 27001, SOX, PCI, HIPAA and other
regulatory requirements.
● Identifies and formally documents deviations from published standards,
estimates risk level, recommends appropriate mitigation countermeasures in
operational and non-operational situations.
● Identify potential areas of IT compliance vulnerability and risk; guide the
accountable stakeholders to develop/implement corrective action plans for
resolution, and provide general guidance on how to avoid or deal with similar
situations in the future. Risks should be identified, assessed and monitored on
an ongoing firm-wide and individual entity basis

Experience Range:
4-8 years of experience in Cybersecurity & Risk Compliance Domain in areas
including and limited to: System Security, Network Security , SOC, Risk &
Compliance Management

Technical Expertise:
● Auditing experience in ISO-27001, SOX, NIST, PCI-DSS
● Experience with AWS Security and Compliance.
● Prior experience in the Banking and Financial domain is nice to have.
● Proven experience in Endpoint Security, Network Security, SIEM,SOC
Advanced security tools – SOAR platform, Vulnerability Management, SIEM
● Experience building Threat Modeling practice
● Strong communication skills