Assistant Vice President - Information Security

The AVP Information Security will be responsible for protecting Interpolitan Money's digital assets, networks, and data by leading the company's cybersecurity, governance, risk, and compliance (GRC) programs. This role involves strategic planning, security operations management, regulatory compliance, and incident response, ensuring a robust cybersecurity posture across the organization.

Key Responsibilities:

1. Security Strategy & Governance

• Develop and execute a comprehensive cybersecurity strategy, aligned with business goals and regulatory requirements.

• Establish, enforce, and continuously improve information security policies, standards, and frameworks (ISO 27001, NIST, CIS Controls, etc.).

• Work closely with executive leadership and business units to integrate security-by-design principles into technology initiatives.

2. Risk & Compliance Management

• Conduct regular risk assessments, security audits, and penetration tests to identify vulnerabilities.

• Ensure compliance with industry regulations, including FCA, GDPR, PCI DSS, ISO 27001, SWIFT CSP, and SOC 2.

• Oversee vendor risk management, ensuring third-party providers meet security and compliance standards.

3. Security Operations & Incident Response

• Oversee Security Operations Center (SOC) and ensure real-time threat monitoring, detection, and response.

• Develop and implement Incident Response (IR) and Business Continuity (BCP) plans to handle cyber incidents effectively.

• Lead forensic investigations of security breaches, ensuring root cause analysis and remediation.

4. Identity & Access Management (IAM)

• Implement Zero Trust Architecture and best practices for privileged access management (PAM).

• Ensure role-based access control (RBAC), multi-factor authentication (MFA), and endpoint security policies are enforced.

• Regularly review and enhance IAM policies to prevent insider threats and unauthorized access.

5. Security Awareness & Training

• Develop and roll out employee cybersecurity awareness programs to reduce human-related security risks.

• Conduct regular phishing simulations, security workshops, and compliance training for employees.

6. Collaboration & Leadership

• Act as the primary liaison between the security team, IT, and business units, ensuring smooth alignment of security and operational goals.

• Provide security advisory support to product development, IT operations, and executive leadership.

Requirements

Key Requirements:

• Bachelor's/Master's degree in Cybersecurity, Computer Science, or a related field.

• 10+ years of experience in information security, with at least 5+ years in a leadership role.

• Certifications such as CISSP, CISM, CEH, ISO 27001 Lead Auditor, or CCSP are strongly preferred.

• Extensive experience in SIEM (Splunk, QRadar, etc.), threat intelligence, and endpoint security.

• Strong expertise in GRC frameworks, regulatory compliance, and security risk management.

• Deep understanding of cloud security (AWS, Azure, Google Cloud) and DevSecOps principles.

• Excellent problem-solving, leadership, and stakeholder management skills.

Benefits

Current benefits:

• ESOP Participation for high performers

• Birthday Holidays

• Group Medical Coverage as per local in-country norms

Qualification

Master's Degree