senior risk and compliance - secure by design
CRED
This job is no longer accepting applications
See open jobs at CRED.See open jobs similar to "senior risk and compliance - secure by design" General Catalyst.Design, Legal
Bengaluru, Karnataka, India
Posted 6+ months ago
what is CRED?
CRED is an exclusive community for India’s most trustworthy and creditworthy individuals, where the members are rewarded for good financial behavior. CRED was born out of a need to bring back the focus on a long lost virtue, one of trust, the idea being to create a community centered around this virtue. a community that constantly strives to become more virtuous in this regard till they finally scale their behavior to create a utopia where being trustworthy is the norm and not the exception. to build a community like this requires a community of its own; a community special in its own way, working towards making this vision come true.
here’s a thought experiment: what do you get when you put a group of incredibly passionate and driven people and entrust them with the complete freedom to chase down their goals in a completely uninhibited manner? answer: you get something close to what we have at CRED; CRED just has it better.
here’s what will be in store for you at CRED once you join
objective of Secure by Design:to shift security, regulatory, privacy, regulatory contractual compliance to the left. we assess all the products right from design/ construct phase and ensure compliance to security, privacy and regulatory requirements
what you will do?
- work and establish credibility with groups involved with payment / lending security and compliance matters (InfoSec, legal, business development, internal audit, fraud, physical security, developer community, networking, systems, etc.)
- you will review new / modifications of products features and processes. should provide support to internal departments in areas of compliance with regulatory bodies (i.e. RBI, SEBI, IRDAI), and dissemination of circulars issued by regulators
- you will create control frameworks in guidance of the team and conduct gap assessment against various regulatory guidelines and compliance requirements
- you will collaborate with business/engineering teams to implement compliance plans to mitigate risks in the early stage of product development
- you will identify and support opportunities for improving third-party risk posture and processes, including expanded monitoring, KRI tracking, etc. by applying knowledge of security, regulatory, and third-party risk lifecycle frameworks
- you will remain up to date on regulations and fintech processes applicable to IT security of the organization and update policies accordingly
- you will support in partner due-diligence activities by providing response to RFPs/ RFIs and client questionnaire
- You will draft and maintain documentation for security compliance including but not limited to PCI-DSS, RBI PSS, ISO27001, card brands (Visa, Mastercard), etc.
you should apply If :
- you have 4-8 years of relevant industry experience including information assurance, data privacy, and security compliance
- handled compliance implementation or information assurance/audit, data privacy
- experience in managing Audits and Cyber Security controls, standards and framework implementation
- have knowledge of cyber threats, vulnerabilities and risk in the payment/lending industry
- have experience in developing cyber security & privacy policies, procedures and standards
- basic understanding of regulatory requirements inline with fintechs
- basic knowledge of cloud (AWS / Azure / GCP)
how is life at CRED?
working at CRED would instantly make you realize one thing: you are working with the best talent around you. not just in the role you occupy, but everywhere you go. talk to someone around you; most likely you will be talking to a singer, standup comic, artist, writer, an athlete, maybe a magician. at CRED people always have talent up their sleeves. with the right company, even conversations can be rejuvenating. at CRED, we guarantee a good company.
hard truths: pushing oneself comes with the role. and we realise pushing oneself is hard work. which is why CRED is in the continuous process of building an environment that helps the team rejuvenate oneself: included but not limited to a stacked, in-house pantry, with lunch and dinner provided for all the team members, paid sick leaves and a comprehensive health insurance.
to make things smoother and to make sure you spend time and energy only on the most important things, CRED strives to make every process transparent: there are no work timings because we do not believe in archaic methods of calculating productivity, your work should speak for you. there are no job designations because you will be expected to hold down roles that cannot be described in one word. since trust is a major virtue in the community we have built, we make it a point to highlight it in the community behind CRED: all our employees get their salaries before their joining date. a show of trust that speaks volumes because of the skin in the game.
there are many more such eccentricities that make CRED what it is but that’s for one to discover. if you feel at home reading this, get in touch.
This job is no longer accepting applications
See open jobs at CRED.See open jobs similar to "senior risk and compliance - secure by design" General Catalyst.