Senior InfoSec Manager

This role is for one of Weekday’s clients
Salary range: Rs 2000000 - Rs 3000000 (ie INR 20-30 LPA)
Min Experience: 5 years
Location: Bangalore
JobType: full-time

We are seeking an experienced Senior Information Security Manager who will be responsible for building, implementing, and leading organisation's Information Security function to safeguard data, systems, and operations. This is a senior leadership role with cross-functional exposure, critical for ensuring compliance with regulatory guidelines (RBI, ISO, etc.) and managing security risks in a digital-first financial ecosystem.

Key Responsibilities

1. Strategic Leadership

• Define and implement Finnable’s overall Information Security strategy aligned with
  business objectives and regulatory expectations.
• Act as the primary liaison with senior management and regulators (including RBI) on security-related matters.
• Establish and chair the Information Security Steering Committee.

2. Governance, Risk, and Compliance (GRC)

• Ensure compliance with RBI cybersecurity and IT risk management guidelines for
  NBFCs/fintechs.
• Lead audits, regulatory inspections, and external assessments (ISO 27001, IS, SOC, etc.).
• Develop and maintain security policies, standards, and procedures.

3. Security Operations & Risk Management

• Oversee security monitoring, incident detection, and response (SIEM, SOC).
• Perform regular risk assessments, vulnerability assessments, and penetration testing.
• Manage identity & access control, endpoint protection, and network security.
• Lead crisis management in case of cyber incidents.

4. Data Privacy & Protection

• Ensure compliance with India’s DPDP Act and global privacy regulations where
  applicable.
• Implement strong data classification, encryption, and retention policies.

5. Collaboration & Awareness

• Partner with Engineering, IT, and Operations teams to embed security by design.
• Lead internal training, awareness programs, and phishing simulations.

Qualifications & Experience

1. Education: Bachelor’s degree in Computer Science, Information Technology, or related field. (Advanced certifications preferred.)

2. Experience:

• Minimum 5+ years of experience in Information Security roles.
• Strong preference for candidates from lending, payments, or fintech organisations.
• Demonstrated ability to manage compliance with RBI, ISO 27001 frameworks.
• Certifications (preferred): CISSP, CISM, CISA, ISO 27001 Lead Auditor/Implementer, CEH.

3. Key Skills:

• Deep knowledge of cybersecurity frameworks (NIST, ISO 27001, RBI Master Directions).
• Strong leadership and stakeholder management skills.
• Hands-on experience in risk management, incident response, and regulatory compliance.
• Excellent communication and presentation skills (regulator and board-level interaction).
• Ability to balance business agility with robust security controls.