Information Security Officer

Position: Full Time

Responsibilities:

  • Develop and implement information security policies and procedures to ensure the protection of our payment solutions and customers’ information.
  • Conduct regular vulnerability assessments and penetration testing (VAPT) to identify security weaknesses and recommend corrective actions.
  • Manage the security of our code repository and ensure all code is securely stored and accessed only by authorized personnel.
  • Ensure compliance with information security standards such as ISO 27001 and PCI DSS, including the associated audits.
  • Work closely with the technology and product teams to ensure security measures are implemented in our Microsoft Stack applications.
  • Develop and maintain disaster recovery and business continuity plans to ensure our payment solutions are always available to our customers.
  • Establish and maintain relationships with industry experts, regulatory bodies, and law enforcement agencies to stay current with the latest trends and developments in information security.
  • Develop and maintain an incident response plan to ensure a rapid response to cyber threats and minimize the impact of any security incidents.
  • Conduct security awareness training for all employees to promote a security-conscious culture and minimize the risk of human error.
  • Develop and implement security controls for third-party vendors to ensure the security of our payment solutions throughout the supply chain.
  • Stay up-to-date with the latest threats and vulnerabilities in the fintech industry and recommend new security solutions and tools to mitigate risks.
  • Ensure compliance with privacy laws and regulations, such as the General Data Protection Regulation (GDPR) and the Nepal Information Technology Act.

Requirements:

  • Bachelor’s or Master’s degree in computer science, information technology, or a related field.
  • Minimum of 8 years of experience in information security with at least 5 years in a leadership role.
  • Extensive experience with VAPT, ISO 27001, and PCI DSS audits, and a proven track record of successfully leading and managing these audits.
  • Experience working with Microsoft Stack applications and related languages and technologies such as C#, Windows Services, JavaScript, SQL, and .NET Framework.
  • Strong understanding of encryption and authentication protocols, network security, and data integrity.
  • Excellent communication and interpersonal skills.
  • Professional certifications such as CISSP, CISM, or CISA are preferred.
  • Familiarity with regulatory compliance requirements and standards specific to the fintech industry, such as the Payment Card Industry Data Security Standard (PCI DSS) and the Electronic Fund Transfer Act (EFTA).
  • Strong leadership and people management skills, with the ability to build and motivate high-performing teams.
  • Excellent communication skills, with the ability to effectively communicate complex security concepts to non-technical stakeholders.
  • Ability to work effectively under pressure, prioritize tasks, and manage multiple projects simultaneously.
