+977 9802310580Â | info@uptalent.com.np
Information Security Officer
Position: Full Time
Responsibilities:
- Develop and implement information security policies and procedures to ensure the protection of our payment solutions and customers’ information.
- Conduct regular vulnerability assessments and penetration testing (VAPT) to identify security weaknesses and recommend corrective actions.
- Manage the security of our code repository and ensure all code is securely stored and accessed only by authorized personnel.
- Ensure compliance with information security standards, such as ISO 27001 and PCI DSS audits.
- Work closely with the technology and product teams to ensure security measures are implemented in our Microsoft Stack applications.
- Develop and maintain disaster recovery and business continuity plans to ensure our payment solutions are always available to our customers.
- Establish and maintain relationships with industry experts, regulatory bodies, and law enforcement agencies to stay current with the latest trends and developments in information security.
- Develop and maintain an incident response plan to ensure a rapid response to cyber threats and minimize the impact of any security incidents.
- Conduct security awareness training for all employees to promote a security-conscious culture and minimize the risk of human error.
- Develop and implement security controls for third-party vendors to ensure the security of our payment solutions throughout the supply chain.
- Stay up-to-date with the latest threats and vulnerabilities in the fintech industry and recommend new security solutions and tools to mitigate risks.
- Ensure compliance with privacy laws and regulations, such as the General Data Protection Regulation (GDPR) and the Nepal Information Technology Act.
Requirements:
- Â Bachelor’s or Master’s degree in computer science, information technology, or a related field.
- Minimum of 8 years of experience in information security with at least 5 years in a leadership role.
- Extensive experience with VAPT, ISO 27001, and PCI DSS audits, and a proven track record of successfully leading and managing these audits.
- Experience working with Microsoft Stack applications and programming languages such as C#, Windows Services, JavaScript, SQL, and .NET Framework.
- Strong understanding of encryption and authentication protocols, network security, and data integrity.
- Excellent communication and interpersonal skills.
- Professional certifications such as CISSP, CISM, or CISA are preferred.
- Familiarity with regulatory compliance requirements and standards specific to the fintech industry, such as the Payment Card Industry Data Security Standard (PCI DSS) and the Electronic Fund Transfer Act (EFTA).
- Strong leadership and people management skills, with the ability to build and motivate high-performing teams.
- Excellent communication skills, with the ability to effectively communicate complex security concepts to non-technical stakeholders.
- Ability to work effectively under pressure, prioritize tasks, and manage multiple projects simultaneously.
Apply Now