Talent.com
Information Security Manager
Information Security ManagerPay10 India • Delhi, Republic Of India, IN
Information Security Manager

Information Security Manager

Pay10 India • Delhi, Republic Of India, IN
23 days ago
Job description

Job Title - Technical Security Manager

Location - Delhi

Role Overview

The Technical Security Manager – Information Security will play a pivotal role in safeguarding Pay10’s technology infrastructure, applications, and network ecosystem across all operations within India.

This role combines hands-on cybersecurity expertise with strong technical control implementation and compliance oversight under RBI’s IT and Cybersecurity Framework for Payment System Operators.

The incumbent will be responsible for monitoring, detection, and response to threats, defining network and infrastructure controls, and ensuring compliance with relevant standards such as RBI IT Framework, PCI DSS, ISO 27001, SOC 2, and data localization requirements.

Key Responsibilities

1. Security Operations & Monitoring

  • Lead Security Operations Centre (SOC) activities, ensuring proactive detection, investigation, and response to security incidents.
  • Monitor and correlate events using SIEM platforms (e.G., Splunk, Sentinel, QRadar).
  • Conduct incident triage, root cause analysis, and coordinate timely containment and recovery.
  • Ensure adherence to RBI’s cyber incident reporting timelines (e.G., within 2–6 hours for major incidents).
  • Maintain incident management workflows and escalation processes in line with RBI standards.
  • Collaborate with Managed Security Service Providers (MSSPs) for continuous monitoring and log management.

2. Network & Infrastructure Security

  • Design, configure, and manage secure network architecture including firewalls, VPNs, WAF, IDS / IPS, and segmentation.
  • Ensure compliance with RBI-prescribed controls on hardening, patching, and security logging for payment systems.
  • Perform infrastructure vulnerability assessments and oversee timely patch management.
  • Maintain network topology, baseline configurations, and documentation for audit readiness.
  • Ensure all regulated data (cardholder, transaction, and PII) is stored, processed, and maintained only in data centers located in India, in compliance with RBI data localization mandates.

    • 3. Cloud & Application Security

  • Oversee implementation of cloud security controls (CSPM, CWPP, IAM policies) for Pay10’s AWS, Azure, or hybrid environments.
  • Partner with DevOps to embed DevSecOps practices, including automated code reviews, SAST / DAST scanning, and secure CI / CD pipelines.
  • Conduct application security reviews and validate controls aligned to OWASP Top 10 and PCI DSS 4.0.
  • Secure APIs and integrations used in payment processing and fintech applications.
  • Review application security configurations for compliance with RBI and PCI-DSS encryption and key management requirements.

    • 4. Threat & Vulnerability Management

  • Lead the end-to-end vulnerability management program, ensuring prompt detection, prioritization, and remediation.
  • Conduct periodic vulnerability scans, penetration testing, and red team assessments as required by RBI.
  • Maintain a central vulnerability register and track closure with IT, DevOps, and business teams.
  • Establish patch governance framework and periodic reporting to the CISO office.
  • Integrate threat intelligence sources to anticipate and mitigate emerging risks.

    • 5. Access Control & Identity Management

  • Define and enforce Identity and Access Management (IAM) and Privileged Access Management (PAM) policies.
  • Implement least-privilege principles, multi-factor authentication (MFA), and SSO across all systems.
  • Conduct quarterly access reviews and entitlement audits to ensure compliance with RBI’s access control guidelines.
  • Maintain logs and reports for all privileged account activities as part of RBI’s audit trail requirements.

    • 6. Compliance, Audit & Risk Management

  • Ensure compliance with :
  • RBI Cyber Security Framework for Payment System Operators
  • RBI Master Direction on IT Governance, Risk, Controls & Assurance Practices
  • PCI DSS, ISO 27001, and SOC 2 frameworks
  • Coordinate internal and external IT and cybersecurity audits.
  • Prepare and submit quarterly and annual IT & Cyber Risk reports to the CISO and Compliance Committee.
  • Support banking partner and regulator-driven audits with evidence, control documentation, and remediation tracking.
  • Maintain an up-to-date Information Security Risk Register and report risk status to management.
  • Conduct vendor risk assessments and due diligence before onboarding third-party service providers, ensuring alignment with RBI’s Third-Party Risk Management Guidelines.

    • 7. Incident Response & Business Continuity

  • Maintain the Incident Response Plan (IRP) and ensure regular testing and updates.
  • Conduct incident simulations and tabletop exercises for critical applications.
  • Lead post-incident reviews and document lessons learned and preventive measures.
  • Ensure Business Continuity (BCP) and Disaster Recovery (DR) drills are conducted periodically, meeting RTO / RPO objectives.
  • Document and maintain all DR test results for submission during RBI or partner bank audits.

    • 8. Awareness, Documentation & Reporting

  • Conduct security awareness and phishing simulation programs for Pay10 employees.
  • Maintain detailed documentation for :
  • Incident response
  • Risk registers
  • Vulnerability remediation
  • Audit evidence and compliance matrices
  • Develop and present cybersecurity posture dashboards and KPI reports for the CISO and management.
  • Conduct secure coding workshops and sessions for development and operations teams.

    • Required Qualifications

  • Bachelor’s degree in Cybersecurity, Computer Science, or Information Technology, or equivalent hands-on experience.
  • 6–10 years of experience in technical cybersecurity operations and risk management.
  • Proven experience working in FinTech, banking, or other RBI-regulated financial environments.
  • Strong understanding of RBI IT & Cybersecurity Framework, PCI DSS, and ISO 27001.
  • Experience in incident management, network security, and vulnerability management.

    • Preferred Certifications

  • CISSP, CISM, or CISA (for governance and audit readiness).
  • CompTIA Security+, CEH, or GSEC (for technical skills).
  • ISO 27001 Lead Implementer / Auditor or PCI DSS ISA (for compliance management).
  • AWS Certified Security – Specialty or Azure Security Engineer Associate (for cloud security controls).

    • Technical Skills

  • Expertise with SIEM, EDR, and SOAR platforms (e.G., Splunk, Sentinel, CrowdStrike, Defender).
  • Strong command of network and infrastructure security tools (e.G., Fortinet, Palo Alto, Check Point).
  • Proficiency with vulnerability management tools (e.G., Qualys, Nessus, Rapid7, Tenable).
  • Familiarity with container orchestration and API security (Kubernetes, Docker).
  • Working knowledge of infrastructure-as-code tools (Terraform, Ansible).

    • Soft Skills & Attributes

  • Strong analytical and decision-making skills under pressure.
  • Excellent communication and stakeholder management abilities.
  • Proactive and organized approach to security control execution and compliance.
  • Collaborative and detail-oriented, capable of working closely with IT, DevOps, and Compliance teams.
    • Create a job alert for this search

    Information Security Manager • Delhi, Republic Of India, IN

    Related jobs
    Information Security Engineer - Monitoring Tools

    Information Security Engineer - Monitoring Tools

    Winx Consulting Services Pvt. Ltd. • Delhi, IN
    Job Description Responsibilities : - Adopting and promoting engineering excellence by identifying efficiencies and synergies through means of automation, collaboratio...Show more
    Last updated: 30+ days ago • Promoted
    AppScan Product _Lead Security Expert _Remote Location

    AppScan Product _Lead Security Expert _Remote Location

    HCLSoftware • Delhi, IN
    Remote
    Greetings from “HCL Software” Is a Product Development Division of HCL Tech!!.HCL Software” : - Is a Product Development Division of HCL Tech : That operates its primary Software Business.At HCL Soft...Show more
    Last updated: 3 days ago • Promoted
    Head Information Security

    Head Information Security

    Confidential • Delhi
    Develop and implement the enterprise-wide information security strategy, policies, and frameworks.Provide thought leadership on emerging cyber risks, threats, and technologies.Establish an enterpri...Show more
    Last updated: 14 days ago • Promoted
    Technical Security Manager (Information Security India)

    Technical Security Manager (Information Security India)

    Confidential • Delhi
    Security Operations & Monitoring : .Lead Security Operations Centre (SOC) activities, ensuring proactive detection, investigation, and response to security incidents. Monitor and correlate events usin...Show more
    Last updated: 14 days ago • Promoted
    Director of Product Security

    Director of Product Security

    WhiteSlips Job Management Consultants • Delhi, IN
    Advance and execute a software supply chain security development strategy to include Identify security risk and vulnerabilities across client's supply chain partners as well and track implementatio...Show more
    Last updated: 2 days ago • Promoted
    CSS Incident Manager

    CSS Incident Manager

    Atlassian • Delhi, IN
    Atlassians can choose where they work – whether in an office, from home, or a combination of the two.That way, Atlassians have more control over supporting their family, personal goals, and other p...Show more
    Last updated: 3 days ago • Promoted
    Lead Security Engineer

    Lead Security Engineer

    Arcana • Delhi, IN
    As our Lead Security Engineer, you'll own and elevate Arcana's overall security posture - cloud, on-prem, and everything in between. You'll design and enforce policies, automate controls, and harden...Show more
    Last updated: 30+ days ago • Promoted
    TPRM Senior Manager (Qatar)

    TPRM Senior Manager (Qatar)

    Cubical Operations LLP • Delhi, IN
    Job Description – TPRM Senior Manager (Qatar Travel Requirement).Senior Manager – Third-Party Risk Management (TPRM).Qatar (Frequent travel to / from India). India (Work from India when not travelling...Show more
    Last updated: 8 days ago • Promoted
    Lead Security Engineer

    Lead Security Engineer

    interface.ai • Delhi, IN
    Our cutting-edge Generative AI-powered platform serves over 100 banks and credit unions, delivering hyper-personalized customer interactions across voice, chat, and employee-assisting solutions.To ...Show more
    Last updated: 30+ days ago • Promoted
    Problem Manager

    Problem Manager

    Mphasis • Delhi, IN
    Problem Manager & Major Incident Manager.The Problem Manager, following ITIL V4 best practices, is responsible for the efficient and effective management of IT problems and incidents to minimize th...Show more
    Last updated: 2 days ago • Promoted
    Information Security Project Manager

    Information Security Project Manager

    airtel • Delhi, Republic Of India, IN
    Airtel is looking for Project Manager for managing the Cybersecurity & Managed Security Services to keep our fast-growing MSS portfolio on track. This is an opportunity for a highly motivated indivi...Show more
    Last updated: 20 days ago • Promoted
    Senior Manager IS Cyber Culture & Awareness

    Senior Manager IS Cyber Culture & Awareness

    Mashreq • Delhi, IN
    The Cyber Security Awareness Specialist plays a critical role in maturing Mashreq Bank’s cyber security awareness program. The specialist is responsible for fostering a culture where Cybersecurity i...Show more
    Last updated: 23 days ago • Promoted
    Deputy Global Infrastructure and Security Operations Leader

    Deputy Global Infrastructure and Security Operations Leader

    iMerit Technology • Delhi, IN
    Deputy Global Infrastructure and Security Operations Leader.Willing to relocate to Pune, Coimbatore, or Bengaluru, with international impact. Hybrid / Remote with frequent travel to global time zones,...Show more
    Last updated: 4 days ago • Promoted
    Security Operations Engineer

    Security Operations Engineer

    ITPeopleNetwork • Delhi, IN
    We are looking for a junior to mid-level.Saviynt Identity Access Management (IAM / IGA).CyberArk Endpoint Privilege Manager (EPM). The ideal candidate will assist in user access governance, email thre...Show more
    Last updated: 6 days ago • Promoted
    Senior Cloud Security Architect

    Senior Cloud Security Architect

    Claranet India • Delhi, IN
    Founded at the beginning of the dot.CEO Charles Nasser had a light bulb moment to develop a truly customer-focused IT business. Since then, Claranet has grown from an Internet Service Provider (ISP)...Show more
    Last updated: 1 day ago • Promoted
    Security Information and Event Management Engineer

    Security Information and Event Management Engineer

    Palo Alto Networks • Delhi, Republic Of India, IN
    At Palo Alto Networks® everything starts and ends with our mission : .Being the cybersecurity partner of choice, protecting our digital way of life. Our vision is a world where each day is safer and m...Show more
    Last updated: 23 days ago • Promoted
    Information Security Analyst

    Information Security Analyst

    AGILE TECHNOLOGY SOLUTIONS • Delhi, IN
    Description : Key Responsibilities : ISMS Implementation & Management : <...Show more
    Last updated: 8 days ago • Promoted
    Chief Information Security Officer

    Chief Information Security Officer

    CUBE CONSULTANCY SERVICES • Delhi, IN
    Remote
    Description : - Develop, implement, and monitor a strategic, comprehensive enterprise information security and IT risk management program to ensure the integrity, con...Show more
    Last updated: 30+ days ago • Promoted