Job Description

:
This role is for one of Weekday's clients
Salary range: Rs 2000000 - Rs 3000000 (ie INR 20-30 LPA)
Min Experience: 5 years
Location: Bangalore
JobType: full-time
Requirements:
We are seeking an experienced Senior Information Security Manager who will be responsible for building, implementing, and leading organisation's Information Security function to safeguard data, systems, and operations. This is a senior leadership role with cross-functional exposure, critical for ensuring compliance with regulatory guidelines (RBI, ISO, etc.) and managing security risks in a digital-first financial ecosystem.
Key Responsibilities
1. Strategic Leadership

• Define and implement Finnable's overall Information Security strategy aligned with

business objectives and regulatory expectations. * Act as the primary liaison with senior management and regulators (including RBI) on security-related matters.

• Establish and chair the Information Security Steering Committee.

2. Governance, Risk, and Compliance (GRC)

• Ensure compliance with RBI cybersecurity and IT risk management guidelines for

NBFCs/fintechs. * Lead audits, regulatory inspections, and external assessments (ISO 27001, IS, SOC, etc.).

• Develop and maintain security policies, standards, and procedures.

3. Security Operations & Risk Management

• Oversee security monitoring, incident detection, and response (SIEM, SOC).
• Perform regular risk assessments, vulnerability assessments, and penetration testing.
• Manage identity & access control, endpoint protection, and network security.
• Lead crisis management in case of cyber incidents.

4. Data Privacy & Protection

• Ensure compliance with India's DPDP Act and global privacy regulations where

applicable. * Implement strong data classification, encryption, and retention policies.
5. Collaboration & Awareness

• Partner with Engineering, IT, and Operations teams to embed security by design.
• Lead internal training, awareness programs, and phishing simulations.

Qualifications & Experience
1. Education: Bachelor's degree in Computer Science, Information Technology, or related field. (Advanced certifications preferred.)
2. Experience:

• Minimum 5+ years of experience in Information Security roles.
• Strong preference for candidates from lending, payments, or fintech organisations.
• Demonstrated ability to manage compliance with RBI, ISO 27001 frameworks.
• Certifications (preferred): CISSP, CISM, CISA, ISO 27001 Lead Auditor/Implementer, CEH.

3. Key Skills:

• Deep knowledge of cybersecurity frameworks (NIST, ISO 27001, RBI Master Directions).
• Strong leadership and stakeholder management skills.
• Hands-on experience in risk management, incident response, and regulatory compliance.
• Excellent communication and presentation skills (regulator and board-level interaction).
• Ability to balance business agility with robust security controls.