InfoSec Lead

DIGITAP.AI provides high tech advanced AI / ML solutions to new age internet driven businesses for reliable, fast and 100% compliant Customer Onboarding, Automated Risk Management along with Big Data enabled services like Risk Analytics and Customised Scorecards. Our proprietary Machine Learning Algorithms and Modules provide one of the best success rates in the market. Working with 200+ clients spread across banks, big NBFCs, Life Insurance Players, Fintechs, Digitap.ai provides the high quality solutions while maintaining the required infosec compliance. The team brings together deep and vibrant experience in Fintech Product & Risk Management, Fraud Detection and BIG DATA Analytics.

We are looking for a lead in Infosec, Risk & Compliance team to lead the development, implementation and maintenance of  Infosec across various functions of organization, as well as handle info-sec audits.

● Be SME for all applicable regulations, guidelines and industry best practices to manage InfoSec, Risk and Compliance in the organization

● Be the single point of contact for all external entities related to Security and Compliance, as well as respond to third-party risk assessment questionnaire

● Owner for all InfoSec documentation such as policies, standards, and procedures.

● To identify, track, monitor & ensure compliance with InfoSec Policy, Regulatory, Legal & Audit requirements.

● Perform Independent Internal Audit and assessment in line with Regulatory requirements - RBI, REBIT, V-CIP, DLG, etc.

● Liaison with internal and external Security Audits and assessments – VAPT, GDPR/ISO 27001 compliance, SOC2

● Maintain the required security posture for cloud security & IT

● Assist the CISO in driving security controls across all organisation functions including IT/HR/Sales.

● Maintain & improve code security & DevopsSec practices

● Maintain & improve the DLP across endpoints & servers

● Review and improve email, apps & network security.

● Develop & manage InfoSec Training & awareness, run periodic phishing campaigns.

● 4-8 years of experience in establishing & managing InfoSec, Governance, Risk and Compliance in areas of System Security, Network Security,  Risk & Compliance Management
● Bachelor of Engineering/Computer Science or equivalent from a recognized University
● Good Technical understanding of Systems, Network, Firewalls, IT Apps & their security
● Auditing experience in ISO-27001, SOC2 is a must
● Experience with AWS Security and Compliance.
● Prior experience in the Banking and Financial domain is preferred
● Exposure to Endpoint Security, Network Security, DLP, SIEM, etc
● Prior Software Development Experience is preferred
● Should have strong analytical and communication skills.
● Should have experience in developing InfoSec awareness programs and rendering InfoSec awareness sessions.
● A good understanding of the Data Privacy Framework - GDPR, India Data Privacy Act, etc.
● Candidates with professional security certificates like CISA, CISM, and ISO27001 Lead Auditor would be preferred.

● BE, BTech, MTech, ME, MCA (minimum 4 years of degree)

● 4-8 years of experience in establishing & managing InfoSec, Governance, Risk and Compliance