Program Lead Information Security

Bangalore, Karnataka, India

Job Description


Are you passionate about solving roadblocks & challenges faced by MSMEs in India?
MSMEs contribute significantly to India's total GDP. 90% of India's ~$1 Trillion Retail Market is controlled by Micro, Small & Medium Enterprises (MSMEs), which means ~$900B worth of commerce flows through these ~60M MSMEs in the form of shops/kiosks/homes, scattered all over the country. We at Khatabook have a vision to empower MSMEs and help them increase their incomes. We have built a product that brings efficiency to MSME operations by providing easy-to-use tools to manage their receivables, inventory and billing, which creates transparency in their cash flow. Within the Khatabook platform, we have also enabled select Khatabook users who display good credit behavior to take loans for their short-term working capital needs. Our app has been downloaded over 100 Million times, with a monthly active user base of 8 Million+ adding 220 Million+ transactions with a transaction value of $18 Billion.
Why work with us?
People are our biggest asset! At Khatabook, every one of us is a dynamic superstar. We have carefully bred an ecosystem which hires nothing but incredibly and exceptionally talented people who can dream, collaborate, experiment, and break new ground. We're a strong team that looks out for each other.
Your role:
We at Khatabook are looking for a Program Lead - Information Security. As a Program Lead - InfoSec, you will be implementing and maintaining various security standards, regulations, and best practices (e.g., ISO 27001, SOC 2) while ensuring compliance with India's data localization requirements through comprehensive risk management and audit programs. We're seeking a seasoned security professional with 8+ years of experience who can translate complex security requirements into actionable policies, demonstrate strong stakeholder management skills, and bring hands-on experience in building security programs that enable business growth while maintaining robust security controls.
What would you do at Khatabook?
- Governance, Risk, and Compliance (GRC):
  ● Develop, implement, and maintain the organization's GRC program to ensure alignment with business objectives and regulatory requirements.
  ● Identify, assess, and mitigate information security risks across the organization.
  ● Establish and enforce policies, procedures, and controls to ensure compliance with applicable laws, regulations, and standards.
  ● Coordinate with internal teams for security controls implementation.
  ● Monitor and report on security metrics to senior management.
- Audit Management:
  ● Act as the primary point of contact for internal and external audits, including ISO 27001, SOC 2, and other relevant frameworks.
  ● Prepare for and facilitate audits by coordinating with cross-functional teams, gathering evidence, and addressing auditor inquiries.
  ● Ensure timely remediation of audit findings and implement corrective actions to maintain compliance.
- ISO 27001 and SOC 2 Implementation:
  ● Lead the implementation, maintenance, and continuous improvement of ISO 27001 and SOC 2 compliance programs.
  ● Conduct gap assessments and develop action plans to address deficiencies.
  ● Manage the documentation of policies, procedures, and controls required for certification and recertification.
- Security Awareness and Training:
  ● Develop and deliver security awareness programs to educate employees on information security policies, procedures, and best practices.
  ● Provide training to internal teams on GRC-related topics and audit readiness.
- Vendor and Third-Party Risk Management:
  ● Assess and monitor the security posture of third-party vendors and partners to ensure compliance with organizational standards.
  ● Review and negotiate security terms in contracts and agreements.
What are we looking for?

  • Excellent knowledge of information security standards, regulations, and best practices (e.g., ISO 27001, SOC 2, NIST, GDPR).
  • Strong analytical and problem-solving skills with the ability to assess complex security issues.
  • Exceptional communication and interpersonal skills, with the ability to interact effectively with technical and non-technical stakeholders.
  • Detail-oriented with strong organizational and project management skills.
  • Experience in managing security incidents and crisis situations.
  • Strong knowledge of Indian data protection laws and data localization requirements.
  • Experience in the financial services or fintech industry is great to have.
  • Minimum 8 years of information security experience.


Job Detail

  • Job Id
    JD3734232
  • Industry
    Not mentioned
  • Total Positions
    1
  • Job Type:
    Full Time
  • Salary:
    Not mentioned
  • Employment Status
    Permanent
  • Job Location
    Bangalore, Karnataka, India
  • Education
    Not mentioned
  • Experience
    Year