Information Security Manager - Mumbai, India - Zaggle

    Description

    Information Security Manager (ISM) – Mumbai

    Experience – 5+ years

    About us:

    Zaggle simplifies business expenses by combining software and payment solutions. We are one of India's leading, profitable, and listed (NSE: ZAGGLE) B2B SaaS (Software as a Service) FinTech companies. We offer corporates a unified software-cum-payments platform for employee expenses, benefits and rewards, as well as vendor payments and channel incentives.

    We offer a variety of payment instruments, including corporate credit cards, purchase cards, virtual cards, prepaid cards, wearables, etc., issued in partnership with leading banks like Kotak Mahindra Bank, ICICI Bank, Yes Bank, SBI Cards and IndusInd Bank, amongst others.

    Our platform solutions are sector-agnostic, and our network of corporate customers covers the BFSI, Technology, Healthcare, Manufacturing, FMCG, Infrastructure and Automobile industries, among others. Some of our well-known customers include TATA Steel, Persistent Systems, Toshiba, Inox, Pitney Bowes, Wockhardt, PCBL (RP-Sanjiv Goenka Group) and Greenply Industries, to name a few. Visit us at to know more about us

    We believe "Innovation is the Key", and Zaggle has been instrumental in launching multiple successful products in the last 3 years in the Business Spend Management space. Today we are a 300+ member strong team spread across Technology, Product, Sales, Implementation Services, Finance, Marketing, HR, Legal and Support functions, with 7 office locations in India.

    Position Overview:

    We are seeking a highly skilled and experienced Information Security Manager (ISM) to join our dynamic team. As the ISM, you will play a crucial role in shaping and implementing our security strategies to safeguard sensitive data, mitigate risks, and ensure compliance with regulatory standards. This is an excellent opportunity for a talented individual to make a significant impact in a fast-paced and rewarding environment.

    Roles and Responsibilities:

    • Lead the risk management program, planning and implementing compliance and risk assessment activities. This includes exception handling, Business Impact Assessment (BIA), and Business Continuity Planning (BCP).
    • Security documentation governance - create, review, revise, and publish documents. Foster and sustain a positive security culture through security awareness initiatives. Support the development of the security/compliance frameworks and ensure their proper operation.
    • Review risk exceptions per security processes, maintain risk register, and liaise with business units for tracking and closure. Support emergency security response in the event of a company-wide security incident or discovery of a significant security risk.
    • Build, review, and sustain information security metrics program with periodic dashboards and reports to management. Serve as subject matter expert.
    • Work closely with the Sales/Business teams to provide timely responses to security questionnaires requested by our clients.
    • Work closely with IT, Engineering, Product, and other teams to ensure compliance and internal/external audit requirements are met.
    • Represent Zaggle as Information Security Officer and attend required client meetings to address and explain our security practices.

    Qualification & Experience required:

    • A degree in Information and Cyber Security or Technology or equivalent.
    • Circa 5+ years of experience in information security operations, preferably within the fintech or banking industry.
    • This experience should include leading teams responsible for implementing cybersecurity measures, managing incidents, and ensuring compliance with relevant regulations.
    • Regulatory Knowledge: A strong understanding of regulatory requirements and compliance frameworks relevant to financial services, such as PCI DSS, GDPR, SOC2, and other industry-specific regulations. The candidate should be adept at interpreting and applying these regulations within the context of the organization's operations.
    • Professional Certifications: Professional certifications such as CISSP (Certified Information Systems Security Professional), CISM (Certified Information Security Manager), or CRISC (Certified in Risk and Information Systems Control) are highly desirable. These certifications demonstrate expertise in information security management, risk assessment, and compliance.
    • Communication Skills: Excellent communication skills with the ability to effectively engage and influence stakeholders at all levels of the organization. The candidate should be able to articulate complex security concepts in a clear and understandable manner and communicate effectively with executive leadership, technical teams, and business stakeholders.