Experience: 8-12 years
What You’ll Do:
- Develop and execute a holistic application and cloud security strategy aligned with industry best practices and regulatory requirements.
- Lead a team of security professionals responsible for assessing, testing, and securing our applications and cloud environments.
- Collaborate closely with software development and cloud engineering teams to embed security into the development and deployment lifecycle (DevSecOps), including secure coding practices, vulnerability assessments, and cloud security controls.
- Lead security reviews and audits of our systems, networks, and applications.
- Provide strategic guidance and recommendations to executive leadership on security investments, priorities, and initiatives.
- Serve as a subject matter expert and advisor to executive leadership on application and cloud security matters communicating security risks and strategies effectively.
- Conduct regular risk assessments and security audits of our application and cloud infrastructure, identifying vulnerabilities and recommending remediation measures.
- Oversee the implementation and management of security controls and technologies to protect against internal and external threats targeting our applications and cloud services.
- Provide guidance and support to project teams in implementing secure cloud architectures and ensuring compliance with security policies and standards.
- Stay abreast of emerging threats and security trends in application and cloud security, proactively adapting security measures to mitigate risks.
- Implement and manage security controls, technologies, and best practices to protect against internal and external threats targeting applications and cloud services.
- Ensure compliance with security policies, standards, and regulatory requirements related to application and cloud security.
What you need to have?
- Bachelor's / master’s degree in computer science, Information Security, or a related field; advanced degree preferred.
- Proven experience (7+ years out of 12+ years) in a senior leadership role within application and cloud security, with a strong background in implementing effective security strategies across diverse environments.
- Deep understanding of cloud technologies (e.g., AWS, Azure, GCP) and cloud security best practices.
- Strong knowledge of software development methodologies and secure coding principles, with experience in DevSecOps practices and tools as follows [ Gitleaks, SonarQube, Dependnecy Track, Terrascan, OWASP ZAP, Mobsf, Defect Dojo and RHACS ]
- Experience of Threat Modelling against any 1 or multiple of the following standards: Stride, Dread, Pasta and Attack Trees for Cloud, API, Mobile Application are preferred.
- Expertise and deep understanding on CNAPP [ CPSM, CWPP, CIEM].
- Expertise in Vulnerability life cycle related with PCI DSS, PCI 3DS and SOC2 etc
- Deep understanding and hands on Fortify, Tenable and Burp Suite preferred.
- Expertise in industry standards and frameworks related to application and cloud security (e.g., OWASP, CIS Benchmarks, CSA Cloud Controls Matrix).
- Experience leading and managing a team of security professionals, fostering a culture of collaboration and continuous improvement.
- Excellent communication and interpersonal skills, with the ability to engage and influence stakeholders at all levels of the organization.
- Relevant certifications (e.g., CISSP, CCSP, CISM) preferred.
- Proven track record of driving security initiatives and achieving measurable outcomes in a complex and dynamic environment.
Who We Are: Home(m2pfintech.com)
Founded in the year 2014 and headquartered in Chennai, M2P Fintech is Asia’s largest API infrastructure company offering a wide gamut of services that enable businesses of any scale to embed financial services.
M2P Fintech is an omni-channel platform that operates in over 20 markets across the Asia Pacific, MENA, and Oceania regions. M2P works with over 100+ banks, 100+ NBFCs, and has clocked over 600+ Fintech engagements across various industries serving over 35 million end users.
M2P pioneers in next-gen fintech through innovative offerings across the payments, lending, and banking ecosystem. Our comprehensive tech-stack powers the core banking system, core lending suite, BNPL, customized credit cards, prepaid cards, and much more.
M2P is backed by reputed investors – fintech industry veterans (such as Amrish Rau – PayU, Kunal Shah – CRED, Jitendra Gupta – Jupiter, etc) as well as reputed international venture capital funds (such as Insight Partners, MUFG, Tiger Global, Beenext, Flourish Ventures and Omidyar Network).
Why Join Us:
We are a Fun bunch to be with..!
- People First Culture
- People Friendly Guidelines
- Equal Opportunity Organization
- Better Half Program
- Buddy Referral Program
- Health & Wellness Programs
- Comprehensive Medical Insurance for dependents including parents
- Tax Saving Structure
- ESOPs
- Sports Clubs & Fun Committees
- Office Libraries
- Snack Pantries