Chief Information Security Officer

Indifi is an exciting, well-funded fintech start-up enabling micro, small and medium enterprises

(MSME) financing in India, by providing small businesses access to multiple lenders. The company has

received funding from top-tier VC firms such as Accel Partners, Elevar Equity and Omidyar Network.

We are developing a lending platform that is unique amalgamation of customer acquisition, data

acquisition through integration with diverse financial infrastructure in India, automated

underwriting, documentation and payment gateways. Technology platform consist of micro Services

predominately built using Angular.js, Node.js, Java, Python, RDBMS and Analytics stores by

leveraging Big Data and open-source technologies.

Scalability, stability, quick feature turnaround and agility including continuous integration and

deployment are core pillars of technology execution.

Key Responsibilities :

Establish, implement and monitor a strategic, comprehensive enterprise information

security and IT risk management program

Work directly with the business units to facilitate risk assessment and risk management

processes

Develop and enhance an information security management framework.

Understand and interact with related disciplines through committees to ensure the

consistent application of policies and standards across all technology projects, systems and

services

Provide leadership to the enterprise's information security organization

Partner with business stakeholders across the company to raise awareness of risk

management concerns

Assist with the overall business technology planning, providing a current knowledge and

future vision of technology and systems

Conduct regular internal audits in compliance with applicable legal and contractual

requirements, ISO 27001 and PCI DSS requirements and companies internal requirements

Conduct regular Management reviews and update the management on information security

aspects. The MRMs shall also focus on drawing Management attention to the key areas for

required management actions.

Ensure customer audits as well as re-certification and surveillance audits.

Coordinate with relevant stakeholders to address the NC closures.

Ensure the information incidents are responded and resolved on time to ensure compliance

with legal and contractual requirements.

What you will need to succeed:

Degree in business administration or a technology-related field required

Professional security management certification

Minimum of 3 years of experience in a combination of risk management, information

security and IT jobs

Knowledge of common information security management frameworks, such as ISO/IEC

27001, and PCI DSS.

Excellent written and verbal communication skills and high level of personal integrity

Innovative thinking and leadership with an ability to lead and motivate cross-functional,

interdisciplinary teams

Experience with contract and vendor negotiations and management including managed

services.

Experience with Cloud computing/Elastic computing across virtualized environments.