Head of Security & Infrastructure (CISO)

Location: Gurugram | Full-Time

About the Company

A fast-growing fintech and wealth-tech platform is building next-generation digital infrastructure for wealth management, investment execution, reporting, analytics, and financial services. The platform serves retail investors, HNIs/UHNIs, corporate clients, and a large network of financial distributors across India.

Why This Role Matters

This is a strategic leadership role responsible for building and leading the organization's security function. You will oversee enterprise security, infrastructure protection, regulatory compliance, risk management, and security operations in a highly regulated financial services environment.

Key Responsibilities

Security Strategy & Governance

• Define and drive the organization's security roadmap, policies, standards, and controls.
• Conduct risk assessments and implement mitigation strategies.
• Lead compliance initiatives across financial and security regulations.
• Establish governance frameworks and security best practices.

Cloud & Infrastructure Security

• Secure cloud environments (AWS/Azure/GCP) and containerized workloads.
• Manage IAM, network security, encryption, secrets management, and access controls.
• Implement cloud security monitoring and posture management.
• Ensure infrastructure resilience and security guardrails.

Application & Data Security

• Build secure software development practices and security controls.
• Drive API security, authentication, authorization, and encryption standards.
• Implement DLP, database security, tokenization, and vulnerability management.
• Integrate security testing into CI/CD pipelines.

Incident Response & Security Operations

• Own incident response planning, breach management, forensics, and root cause analysis.
• Coordinate with regulatory and cybersecurity authorities when required.
• Lead security awareness initiatives across the organization.
• Manage third-party and vendor security risk assessments.

Leadership & Stakeholder Management

• Build and lead the security organization.
• Partner closely with Engineering, Product, Compliance, Risk, and Executive Leadership teams.
• Present security metrics, risks, and compliance updates to senior stakeholders.
• Drive a culture of security-first thinking across the company.

What We're Looking For

Required

• 8+ years of experience in Cybersecurity, Information Security, or Infrastructure Security.
• Prior experience leading security initiatives within FinTech, Banking, Broking, WealthTech, or other regulated industries.
• Strong expertise in cloud security, IAM, container security, and infrastructure protection.
• Hands-on experience with security frameworks such as ISO 27001, NIST, GDPR, and financial regulatory compliance.
• Experience with SIEM tools, vulnerability management platforms, DLP solutions, and security automation.
• Understanding of modern cybersecurity threats, including API attacks, account takeovers, data breaches, and supply-chain risks.
• Strong communication and stakeholder management skills.

Preferred

• CISSP, CISM, CEH, AWS Security Specialty, or equivalent certifications.
• Experience with security operations, incident response, and large-scale production environments.
• Exposure to Zero Trust architectures, SASE, and advanced security technologies.
• Experience securing financial platforms, trading systems, or investment ecosystems.