Information Security Manager

About Easebuzz:
Easebuzz is Indias one of the first and foremost end-to-end SAAS enabled payments platform. We are a SaaS-unifying payment aggregation platform interconnecting banks networks acquirers and processors for merchant payments. We create value by enabling seamless workflows which help merchant to have a better collection efficiency. Our vision is to verticalize payments with industry specific solutions that can increase the online GDP of India. Weve been building on business value for our merchants since 2014 and are trusted by over 1.5 lac merchants. We are unique in terms of our offering to our merchants and our excitement lies in building together where we all can thrive for future. We have been consistently profitable for 10 years and continuing to scale rapidly. Backed by a strong product roadmap and execution we closed a funding round of $30 million in 2025 led by leading VC firms and strategic investors. This comes in addition to our earlier $4 million fundraise in March 2021. Easebuzz has been granted Full Authorization from the Reserve Bank of India (RBI) for payment aggregator license in 2025. Our corporate culture is built on openness ownership and collaboration. We are an equal opportunity employer and celebrate diversity across all levels. At Easebuzz youll find yourself working with passionate colleagues who are committed to growing together. Headquartered in Pune we also have a presence in Delhi (2 offices) Mumbai Kolkata Bengaluru and Gurugram.

Position Overview

The Manager of Information Security is responsible for overseeing the development implementation and management of an organizations information security program. This role involves ensuring the confidentiality integrity and availability of corporate data and IT systems protecting them from cyber threats and vulnerabilities. The Manager will work closely with various teams to establish and enforce security policies conduct risk assessments and lead incident response efforts.

Key Responsibilities

- Lead the creation of security awareness programs for employees to foster a security-conscious culture.

- Maintain and report on the status of the organizations security posture to leadership.

- Conduct regular risk assessments to identify vulnerabilities and threats to critical systems and data.

- Work with the business to evaluate security risks associated with new projects third-party vendors and technologies.

- Prioritize and recommend security measures to mitigate identified risks.

- Lead efforts to perform security audits and assessments ensuring adherence to compliance and regulatory requirements.

- Lead the response to security incidents including identification containment eradication recovery and post-incident analysis.

- Develop and maintain incident response plans conduct tabletop exercises and ensure effective communication during a crisis.

- Collaborate with legal communications and management teams during and after incidents particularly for breach notifications and regulatory reporting.

- Oversee the day-to-day operations of security technologies and tools (e.g. SIEM firewalls endpoint security intrusion detection systems).

- Ensure continuous monitoring of security events and threats performing analysis and response as needed.

- Maintain and optimize vulnerability management programs including patching and remediation efforts.

- Foster a collaborative and effective security team ensuring appropriate skill sets and training programs.

- Work closely with IT and other departments to ensure that security is integrated into all stages of system development and operations.

- Ensure compliance with relevant legal regulatory and industry standards for data protection and cybersecurity.

- Maintain documentation for audits certifications and external assessments.

- Coordinate with external auditors and regulators as needed.

- Stay current on evolving security threats vulnerabilities and technologies.

- Continuously evaluate and improve security processes tools and policies.

- Participate in industry forums conferences and professional groups to enhance knowledge and best practices.

Required Qualifications

- Bachelors degree in Computer Science Information Technology Cybersecurity or a related field (or equivalent work experience).

- At least 3-5 years of experience in information security.

- Deep knowledge of information security principles frameworks (NIST ISO 27001PCI-DSSSOC2 Type II RBI Regulation related to Payment Industries) and compliance requirements.

- Hands-on experience with security tools and technologies (e.g. SIEM firewalls intrusion detection/prevention systems endpoint protection DLP E-mail Security).

- Strong understanding of risk management and incident response practices.

- Proven ability to manage and lead security teams in a dynamic fast-paced environment.

- Strong communication skills both written and verbal with the ability to convey complex security concepts to non-technical stakeholders.

Preferred Qualifications

- Security certifications such as ISO27001 Lead Auditor or CISA (Certified Information Systems Auditor).

- Experience with cloud security and securing cloud infrastructures (AWS).

- Knowledge of secure software development practices and DevSecOps.

- Experience in vulnerability management and penetration testing.