Head of Corporate Information SecurityChargebee • Chennai, Republic Of India, IN

Head of Corporate Information Security

Chargebee • Chennai, Republic Of India, IN

14 days ago

Job description

Role Purpose

The Director / Head of Information Security will lead Chargebee’s Corporate Information Security function, working in close partnership with the Enterprise Cyber security (ECS) which manages product and infrastructure security and Corporate IT (which manages employee systems, devices, and operations) teams.

This role focuses on strengthening enterprise-wide governance, compliance, and risk management by designing new security capabilities while leveraging existing technical and operational controls across the broader ecosystem.

The leader will own the ISMS (ISO 27001 Program), Incident Management, Data Protection, Endpoint Security, and other GRC (Governance, Risk & Compliance) programs that protect our people, systems, and customers.

The ideal candidate will enable Chargebee to stay audit-ready, resilient, and trusted by customers as we continue to scale globally.

Key Responsibilities

1. Information Security Strategy & Governance

Lead the design and execution of Chargebee’s enterprise security strategy aligned with business goals
Own and continuously improve the Information Security Management System (ISMS) under ISO 27001, SOC 2, PCI DSS, and GDPR.
Establish and maintain the security governance framework, policies, and standards across business units.
Drive adoption of a unified security maturity model and track progress across all security domains.
Report quarterly to senior leadership on posture, risks, incidents, and roadmap progress.

2. Program Ownership Across Core AORs

Own and mature the following functions and teams :

ISMS & ISO 27001 Program – Governance, internal audits, controls, SoA, and certification management.

Corporate Incident Management (CIM) – Centralized IR process, playbooks, RCA / CAPA, and coordination of each incident, coordinating Product security, Global Technology Infrastructure and internal operations team

Data Leakage Prevention (DLP) – Policy, enforcement, and insider data risk management of corporate systems and corporate technology (Collaboration and knowledge management systems).

AI information Security Governance – AI risk reviews, usage policy, vendor evaluation, and compliance oversight of corporate information systems and Corporate Technology.

Security Awareness Program – Continuous education, phishing simulation, and behavioral improvement of corporate information systems and Corporate Technology.

Corporate IT Risk Management – Risk register, reviews, and treatment lifecycle of corporate information systems and Corporate Technology.

Business Continuity Program (BCP) & Data Recovery (DR) (Corporate) – Continuity governance, simulation testing, recovery validation of corporate information systems and Corporate Technology.

Policy Governance – Centralized authoring, review, communication, and adoption tracking of corporate information systems and Corporate Technology.

Access Governance (RBAC) – Access policy, JML automation, and certification reviews of all systems, product operations and corporate systems and technology.

Endpoint Security (Systems & Hardware) – Device hardening, monitoring, and compliance visibility of corporate information systems and Corporate Technology.

GTM Trust Enablement (RFP / RFI) – Customer trust documentation, security questionnaires, SLAs in response to processes and governance related questions referring to Chargebee’s corporate information systems and Corporate Technology.

3. Operational Execution & Oversight

Establish a centralized incident classification and escalation model for all business functions.

Drive RCA & CAPA closure across incidents and audits;

ensure risks are documented and tracked.

Maintain audit and evidence readiness for customer and external certifications.

Oversee DLP and endpoint monitoring, ensuring response workflows are automated and integrated.

Partner with ECS and IT to embed security by design into products, infrastructure, and employee systems.

Assist in responding to customer RFP’s to clarify and confirm Chargebee’s information security and corporate systems compliance

4. Risk, Compliance, and Reporting

Maintain the enterprise security risk register;

ensure high / critical risks have defined treatment and ownership.

Manage ISO internal audits and, surveillance reviews, and customer due diligence requests.

Develop and publish quarterly security KPIs and KRIs, including metrics on incidents, risk aging, compliance, and awareness.

Lead regular security governance reviews with senior leadership, providing updates on posture, risks, and strategic initiatives

5. People Leadership & Culture

Build and lead a high-performing infosec team across GRC, Risk, DLP, IR, and Awareness.

Partner cross-functionally with IT, ECS, Legal, HR, Comms, Risk & Compliance, and GTM enablement functions..

Promote a culture where security is everyone’s responsibility through communication, enablement, and collaboration.

Mentor, coach, and grow internal talent to scale the security program sustainably.

Create a job alert for this search

Information Security • Chennai, Republic Of India, IN

Related jobs

Information Security and Compliance Lead

SQ1 Security • Chennai, Republic Of India, IN

SQ1 Security is seeking an experienced Cybersecurity and Compliance Expert to lead and drive our initiatives toward achieving SOC 2, ISO 27001, GDPR, and HITRUST certifications.Develop and Maintain...Show more

Last updated: 2 days ago • Promoted

Information Security Manager

Ajanta Pharma Ltd • Republic Of India, IN

Senior Manager – Information Security.The Senior Manager – Information Security will spearhead the development and execution of a comprehensive information security strategy that supports the organ...Show more

Last updated: 24 days ago • Promoted

Director Of Corporate Information Security

Chargebee • Chennai, Republic Of India, IN

Last updated: 14 days ago • Promoted

Head of Information Security and Compliance

Career Stone Consultant • Republic Of India, IN

The job purpose is to lead and implement comprehensive cybersecurity and information security.Responsible for data privacy protection, infrastructure security, vendor management, and fostering a.Se...Show more

Last updated: 16 days ago • Promoted

Information Security Governance Leader

Chargebee • Chennai, Republic Of India, IN

Last updated: 14 days ago • Promoted

Director of IT Infrastructure and Security

Cheers Interactive • Republic Of India, IN

We are seeking an experienced and innovative Director-IT Infra to lead our IT Infrastructure and IT Security teams.The ideal candidate will drive the management and strategic oversight of on premis...Show more

Last updated: 30+ days ago • Promoted

Head of IT Infrastructure and Cloud Services

Cheers Interactive • Republic Of India, IN

Last updated: 30+ days ago • Promoted

Cybersecurity and Information Security Director

Career Stone Consultant • Republic Of India, IN

Last updated: 16 days ago • Promoted

Regional Information Security Lead

Talent et au-dela • Pune, Republic Of India, IN

Regional Chief Information Security Officer (CISO).We’re looking for a bold, high-caliber cybersecurity leader ready to fast-track into a full CISO role within six months.This role is ideal for a d...Show more

Last updated: 8 days ago • Promoted

Director of Information Risk and Compliance

Chargebee • Chennai, Republic Of India, IN

Last updated: 14 days ago • Promoted

Regional Cybersecurity Director

Talent et au-dela • Pune, Republic Of India, IN

Last updated: 8 days ago • Promoted

Principal Security Architect

InfoBeans • Republic Of India, IN

Senior Information Security Architect.Information Security Architect – Intermediate Level.I have copied both the JD's please check before applying. We are seeking a Senior Information Security Archi...Show more

Last updated: 1 day ago • Promoted

Head of Security Architecture

Exela Technologies • Pune, Republic Of India, IN

Director of Security Architecture.You will be responsible for creating the vision, strategy, and roadmap for our security infrastructure. This role requires a deep understanding of the current and f...Show more

Last updated: 22 days ago • Promoted

Chief Information Security Officer

Career Stone Consultant • Republic Of India, IN

Last updated: 16 days ago • Promoted

Director Information Technology Infrastructure

Cheers Interactive • Republic Of India, IN

Last updated: 30+ days ago • Promoted

Deputy Global Infrastructure and Security Operations Leader

iMerit Technology • India, India

Deputy Global Infrastructure and Security Operations Leader.Willing to relocate to Pune, Coimbatore, or Bengaluru, with international impact. Hybrid / Remote with frequent travel to global time zones,...Show more

Last updated: 4 days ago • Promoted

Director of Information Security

The Indian Hotels Company Limited (IHCL) • Republic Of India, IN

IHCL and its subsidiaries bring together a group of brands and businesses that offer a fusion of warm hospitality and world-class service. World’s Strongest Hotel Brand’ and ‘India’s Strongest Brand...Show more

Last updated: 12 days ago • Promoted

Head of IT Infrastructure and User Experience

Verdantas • Pune, Republic Of India, IN

Join Verdantas – A Top #ENR 81 Firm!.We are seeking a highly skilled and strategic manager of IT infrastructure & end-user services to lead and oversee our critical technology service pillars.This ...Show more

Last updated: 9 days ago • Promoted