About Us: Paytm is India’s leading financial services platform, offering full-stack payments, financial, and commerce solutions to over 300 million users and 20 million merchants. As we embark on our next phase of global growth, we are expanding our presence into the Kingdom of Saudi Arabia (KSA) and broader Middle East (ME) markets, with a sharp focus on digital payments, fintech solutions, and merchant services.
About the Role: We are seeking an accomplished Cyber Security & Information leader to define and execute the regional security strategy for Paytm across Dubai & KSA markets. You will own the end‑to‑end security leadership: strategy & governance, risk & compliance, product and application security, data protection, threat management, cloud/platform security, third‑party assurance, and business resilience. The ideal leader blends deep technical expertise with strong regulatory fluency in the GCC, and has scaled security programs for high‑growth, regulated fintechs/payments.
Key Responsibilities:
Risk & Compliance: Own the Information Security Management System (ISMS) anchored on ISO/IEC 27001, NIST CSF, and PCI DSS for payments. Ensure adherence to relevant regional frameworks, including:
UAE: Central Bank ISR/standards (for regulated entities), UAE PDPL, DIFC & ADGM Data Protection laws, Dubai DESC policies; national cyber requirements.
KSA: SAMA Cybersecurity Framework (as applicable), NCA ECC/CCC, PDPL, and guidance from CST (formerly CITC).
Lead audits, certifications, attestations (e.g., PCI DSS, ISO 27001, SOC 2), and regulator/partner assessments; close findings with measurable risk reduction.
Security Operations & Incident Response: Build and lead 24x7 detection & response (SOC) capabilities, integrating threat intel, EDR/XDR, SIEM, SOAR, and deception/honeypots. Establish incident management playbooks (IR, breach notification, forensics, eDiscovery) with clear RACI and crisis communications. Conduct red/blue/purple teaming, tabletop exercises, and continuous attack surface management across cloud and edge.
Product, Application & Payments Security: Embed secure SDLC (S-SDLC), architecture reviews, threat modeling, SAST/DAST/IAST, dependency & SCA, secrets hygiene, and runtime protection (RASP). Lead payment security (tokenization, cryptography/HSM, key management, 3‑D Secure, anti‑fraud signal integration) with strong mobile & API security.
Data Protection & Privacy: Implement data classification, DLP, encryption (at rest/in transit/in use), data minimization, and privacy‑by‑design. Partner with Legal/Privacy on UAE PDPL, DIFC/ADGM DP, and KSA PDPL obligations (lawful bases, cross‑border transfers, DPIAs, data subject rights, breach notification).
Cloud, Platform & Infrastructure Security: Govern multi‑cloud security (AWS/Azure/GCP), container/K8s hardening, identity & access (IAM, PAM, CIEM), network micro‑segmentation, secrets/PKI, and zero‑trust architectures. Drive resilience: BCP/DR, RTO/RPO objectives, chaos testing, capacity & performance security.
Third‑Party & Supply Chain Risk: Establish a robust vendor security assurance program (pre‑contract due diligence, ongoing monitoring, SBOM/SCRM, fourth‑party visibility). Ensure secure fintech/payments integrations with banks, card schemes, gateways, and partners in UAE & KSA.
Culture, Talent & Budget: Build and mentor a high‑performing, diverse security team; define clear career frameworks and succession. Own security budgeting, ROI metrics, and investment prioritization; champion a security‑first culture through training and executive engagement.
Stakeholder & External Engagement: Serve as the senior security liaison for regulators, central banks, partners, and auditors in the UAE and KSA. Represent Paytm at regional forums; contribute to policy consultations and industry working groups.
Key Requirements:
15 to 20+ years of progressive security leadership, with 5+ years leading security for fintech/payments, digital banks, or large‑scale consumer tech.
Demonstrated success building and operating security programs across UAE and KSA (or broader GCC) with regulatory exposure.
Strong command of PCI DSS, ISO 27001, NIST CSF, cloud security (CIS benchmarks), and privacy regimes (UAE & KSA PDPLs).
Hands‑on depth across SOC/IR, cloud & application security, cryptography/HSM, key management, IAM/PAM, and third‑party risk.
Executive communication and Board reporting; able to translate complex risks into business terms.
Bachelor’s degree in Computer Science/Engineering or related; advanced degree is a plus.
Why Join Us?
Be part of Paytm’s global expansion journey at a leadership level.
Drive impact in high-opportunity markets shaping the future of payments in the Middle East.
Work with India’s most innovative fintech brand with strong backing, tech capability, and ambition to scale globally.