REPORTS TO

Technical Lead

OVERVIEW

We are seeking an experienced and vigilant Information Security Officer (ISO) to join our dynamic team at Wishfin. As an ISO, you will be responsible for establishing and maintaining the enterprise vision, strategy, and programs to ensure information assets and technologies are adequately protected.

Key Responsibilities:

• Risk Management: Identify, assess, and prioritize potential security risks to our systems, data, and networks. Develop and implement strategies to mitigate these risks effectively.
• Security Policies and Procedures: Develop, implement, and enforce security policies, standards, and procedures to safeguard sensitive information and ensure compliance with relevant regulations (e.g., GDPR, PCI DSS).
• Incident Response: Lead incident response efforts, including investigation, containment, and resolution of security incidents. Implement measures to prevent future occurrences.
• Security Awareness Training: Develop and deliver training programs to educate employees on security best practices, emerging threats, and compliance requirements.
• Vendor Risk Management: Assess the security posture of third-party vendors and manage vendor relationships to ensure they meet our security standards.
• Security Architecture: Collaborate with IT and engineering teams to design, implement, and maintain secure architectures for our systems, applications, and networks.
• Security Audits and Compliance: Conduct regular security audits, assessments, and compliance reviews. Work with internal and external auditors to address findings and ensure continuous compliance with industry standards.
• Security Monitoring and Incident Detection: Deploy and manage security monitoring tools and technologies to detect and respond to security threats in real-time.
• Security Governance: Establish and chair a security governance committee to oversee security initiatives, monitor performance, and provide strategic direction to senior leadership.
• Security Incident Reporting: Prepare and present regular reports on the status of information security to senior management and relevant stakeholders.

Must have:

• Bachelor\'s degree in Computer Science, Information Technology, EXTC or a related field. Advanced degree or professional certifications (e.g., CISSP, CISM, CISA) are good to have not mandatory.
• Proven experience 2 years in information security roles, with a focus on risk management, compliance, and incident response in the fintech or financial services industry.
• knowledge of security frameworks (e.g., ISO 27001, NIST Cybersecurity Framework , Soc 2) and regulatory requirements (e.g., GDPR, PCI DSS, PSD2).
• Strong understanding of networking, encryption, authentication, and security technologies.
• Excellent communication and interpersonal skills, with the ability to effectively collaborate with cross-functional teams and articulate complex security concepts to non-technical stakeholders.
• Analytical mindset with a keen attention to detail and the ability to think critically and strategically about security issues.
• Proven track record of driving security initiatives, managing security projects, and achieving measurable results.

Interested candidates can apply to this job or share updated resume at hrteam@wishfin.com