Manager Cyber Defence Job in Payu

Title: Manager Cyber Defence

Exp: 8 to 9 Yrs.

Education: Bachelor / Masters degree

About Company: PayU, the fintech-arm of Naspers, is a leading financial services provider in global growth markets. We use our expertise and heritage in cross border and local payments to extend the services we offer to merchants and consumers. Our innovative technology, developed in-house as well as through investments and strategic partnerships, empowers billions of people and millions of merchants to buy and sell online, extending the reach of financial services.

Our local operations span 18 growth markets across Asia, Central and Eastern Europe, Latin America, the Middle East and Africa. Here we deliver fast, simple and efficient financial services technology that unlocks access to more than 2.3 billion consumers in our regions. Regulated under the Reserve Bank of India, PayU India has advanced solutions to meet every digital payment need.

The company has an in-depth understanding of the vast and intricate details of the Indian market and its payment landscape. The company brings convenience and trust through continuous innovation leveraging technology.

PayU India forays into two business verticals payment offerings under PayU Payments Services Ltd. and alternate lending under PayU Finance. Headquartered in Sohna Road, Gurgaon, the company has a presence in Mumbai, Pune and Bangalore and has a total strength of 700+ employees. Anirban Mukherjee is the CEO for PayU India working with the global CEO Laurent Le Moal.

Under the aegis of PayU Payments Services Ltd., PayU provides payment gateway solutions to online businesses through its cutting-edge and award-winning technology. In India, PayU covers nearly 60% of the airline business and 90% of the entire e-commerce business and processes over INR 120,000 crores worth of digital payments annually (at current run rates). The company offers more than 70 local payment methods and serves more than 350,000 merchants including leading e-commerce businesses in India. The company also empowers SMBs, enabling them to accept mobile and online payments with minimum development effort. With credit being the key business priority, PayU has also developed LazyPay, an alternate lending platform to offer credit solutions such as Small Ticket Credit (Buy Now, Pay Later), App based personal loans and Point of Sale Credit (Merchant EMI). Since its launch in 2017, LazyPay has gained significant traction and has disbursed 20mn+ loans to a customer base of a million user.

PayU is bullish on investment opportunities in India. The company has been an aggressive investor, committed to the evolution of fintech in the country. PayU has spent about $250 million over the past three years in Asias third-largest economy and is further scouting for more lucrative investment and acquisition opportunities to fuel growth. PayUs acquisitions in India include that of Wibmo (April 2019 worth $70 mn) and Citrus Payment Solutions (September 2016 for $130 mn). PayU has also invested in PaySense (July 2018) and ZestMoney (December 2016) in India.

Requirements

Lead the team of Cyber Security experts managing application security, vulnerability assessment, penetration testing, mobile application security review with expertise into end to end SDLC life cycle.

• Develop information security plans and policies: help plan and carry out an organizations information security strategy. Develop a set of security standards and best practices for PayU, and recommend security enhancements to management as needed. Develop strategies to respond to and recover from a security breach. Educating staff on information security through training and building awareness.
• Implement Protections using firewalls and data encryption programs, to protect PayUs sensitive information. Simulate an attack on the system to highlight or find any weaknesses that might be exploited by a malicious actor.
• Plan, establish and manage the capability to detect, investigate, respond to and recover from information security incidents to minimize business impact. Monitor PayUs networks and systems for security breaches or intrusions. Notify intrusions & take corrective actions with help of SoC Team.
• Investigate security breaches: Leads incident response activities to minimize the impact. Lead technical and forensic investigation of incidents & reporting.
• Define & develop blue team & red teams with an eye for Security architecture reviews on cloud & on premise.
• Conduct post incident reviews to determine the root cause of information security incidents, develop corrective actions, reassess risk, evaluate response effectiveness and take appropriate remedial actions.

Core skills

• Strong understanding of web-related technologies & SDLC (Web applications, Web Services, and Cloud Service-Oriented Architectures) and of network/web related protocols. Direct experience with intrusion detection, firewalls, and content filtering.
• Knowledge of risk assessment tools, technologies, and methods. Experience managing Information Security program, Cloud Security
• OSCP / CISSP / CCSP certified.
• Experience designing secure networks, systems and application architectures. Knowledge of applicable practices and laws relating to data privacy and protection.
• Ability to communicate network security issues to peers and management.
• Ensure that risk assessments, vulnerability assessments and threat analyses are conducted periodically and consistently to identify risk to the organizations information.
• A keen eye for detail, think one step ahead of criminals. Well organized and thrive in fast-paced, high-stress scenarios.

Advanced skills

• Strong understanding of endpoint security solutions to include File Integrity Monitoring and Data Loss Prevention.
• Proven work experience in one or more of security consulting, audit, VA/PT, code review, managed security services.
• Detailed technical knowledge of techniques for authentication and authorization, applied cryptography, security vulnerabilities, and remediation.