Information Security Risk Lead

1 Day ago • 10 Years +

Job Summary

Job Description

The Information Security Risk Lead will be an information security expert responsible for reducing information security risks and identifying improvement opportunities. They will work within the Second Line of Defence, overseeing information security controls, interacting with third-party stakeholders, defining information security standards for India operations, managing information security risks, and improving the global ISMS. The role involves implementing real-time compliance monitoring, working with stakeholders to deliver risk treatment plans, ensuring alignment with industry frameworks, conducting risk assessments, defining key risk indicators, facilitating audits, and promoting a strong security culture. The candidate will also prepare reports on security posture and compliance for senior management and ensure compliance with regulatory requirements.
Must have:
  • 10+ years of experience in information security GRC roles.
  • Experience interacting with financial regulators and government agencies in India.
  • Familiarity with modern engineering and security paradigms.
  • Experience using GRC tooling for compliance and risk management.
  • Experience working in a financially regulated or tech-driven organization.
Good to have:
  • Experience with ISO 27001 program implementation.
  • Experience with security control frameworks (ISO 27001, NIST CSF, etc.).
  • Experience with audits applicable to information security (ISO 27001, SAR, SOC2, etc.).
  • Experience with information security risk assessments and control oversight.
  • Good technical knowledge in the field of information security.
  • Experience leading information security risk treatment projects.
  • In-depth knowledge of payment security standards and regulations.
  • Relevant certifications such as CISSP, CISM, CISA.
Perks:
  • Competitive salary
  • Self & Family Health Insurance
  • Term & Life Insurance
  • OPD benefits
  • Mental wellbeing platform Plumm
  • Learning & Development budget
  • WFH setup allowance
  • 15 days of Privilege leaves
  • 12 days of Casual leaves
  • 12 days of Sick leaves
  • 3 paid day-offs for volunteering or L&D activities

Job Details

ABOUT TIDE

At Tide, we are building a business management  platform designed to save small businesses time and money. We provide our members with business accounts and related banking services, but also a comprehensive set of connected administrative solutions from invoicing to accounting.


Launched in 2017, Tide is now used by over 1 million small businesses across the world and is available to UK, Indian and German SMEs. Headquartered in central London, with offices in Sofia, Hyderabad, Delhi, Berlin and Belgrade, Tide employs over 2,000 employees.


Tide is rapidly growing, expanding into new products and markets and always looking for passionate and driven people. Join us in our mission to empower small businesses and help them save time and money.

About You

You’ll be an information security expert, with a great eye for information security risk reduction and continual improvement opportunities. If fast-paced environments, cross-team exposure, inquisitive freedom and the ability to have a real impact on a rapidly growing scale-up appeals to you, then you already have the mind of a Tidean. You’ll join an ambitious team of highly motivated security specialists who interface with all areas of the business in order to drive down information security risk at Tide, whether it is technical, procedural or cultural. 

Some of the things you’ll be doing: 

  • You’ll operate as part of the Second Line of Defence (2LOD), providing independent oversight and challenge on information security controls —focusing on governance, regulatory alignment, risk management  and reporting, rather than hands-on control implementation.
  • Interacting with 3rd party stakeholders such as partners and regulators, on behalf of Tide Risk & Compliance .
  • Defining information security standards specific to Tide’s India operations, in close alignment with the  global ISMS.
  • Acting as a thought leader in the context of local information security requirements.
  • Managing information security risk in accordance with Tide’s Global Risk Management Framework & Indian Regulatory requirements.
  • Managing and improving Tide’s global  ISMS.
  • Implementing real-time compliance monitoring and risk management processes using modern GRC tooling, utilising automation wherever possible.
  • Working with 1LOD stakeholders across the business in order to deliver information security risk treatment plans .
  • Ensuring alignment with industry recognised information security control frameworks, such as ISO 27001, NIST CSF.
  • Conducting information security risk assessments and control oversight .
  • Defining and measuring global key risk indicators, and interpreting  data from modern information security tooling to develop insightful risk reporting.
  • Defining and measuring relevant local key risk indicators specific to Tide’s India operations.
  • Facilitating external audit requirements, and working with stakeholders across 1LOD and 3LOD to close information security audit findings.
  • Reinforcing a strong security culture and awareness message throughout the business.
  • Prepare and present regular reports on security posture, risk status, and compliance efforts to senior management, audit committees, and regulatory bodies as required.
  • Ensuring Tide’s compliance with all applicable regulatory requirements, and keeping abreast of new regulatory and compliance developments.

You’ll be a great fit if:

  • You have a minimum of 10 years experience working in information security GRC (governance, risk & compliance) related roles
  • You have experience interacting with financial regulators and government agencies in India (e.g. RBI, CERT-IN)
  • You are familiar with modern engineering and security paradigms  such as DevSecOps within CI/CD pipelines, Infrastructure as Code (IaC), Zero Trust architecture, containerisation, microservices, and cloud-native development.
  • You understand how effective change management can be implemented within agile, fast-paced environments, and can balance risk oversight without relying on legacy control models such as monthly CABs.
  • You have experience using GRC tooling to monitor compliance and carry out risk management activities.
  • You have experience working at or on behalf of a financially regulated organisation
  • You have experience working at or on behalf of a technology-driven  organisation
  • You’ve implemented, maintained and supported an ISO 27001 program
  • You have experience with security control frameworks such as the ISO 2700 series, NIST CSF, CIS Critical Security Controls, PCI DSS etc.
  • You have experience with audits applicable to information security such as ISO 27001, RBI Systems Audit Report (SAR), SOC2, Data Localisation, etc.
  • You’ve performed information security risk assessments and control oversight
  • You have good technical knowledge in the field of information security 
  • You have led information security risk treatment  projects
  • In-depth knowledge of payment security standards, data protection regulations, RBI Master Directions, and risk management frameworks.
  • Relevant certifications such as CISSP, CISM, CISAare strongly preferred.

What you’ll get in return: 

  • Competitive salary
  • Self & Family Health Insurance
  • Term & Life Insurance
  • OPD benefits
  • Mental wellbeing platform Plumm
  • Learning & Development budget
  • WFH setup allowance
  • 15 days of Privilege leaves
  • 12 days of Casual leaves
  • 12 days of Sick leaves
  • 3 paid day-offs for volunteering or L&D activities

TIDE IS A PLACE FOR EVERYONE

At Tide, we believe that we can only succeed if we let our differences enrich our culture. Our Tideans come from a variety of backgrounds and experience levels. We consider everyone irrespective of their ethnicity, religion, sexual orientation, gender identity, family or parental status, national origin, veteran, neurodiversity or differently-abled status. We celebrate diversity in our workforce as a cornerstone of our success. Our commitment to a broad spectrum of ideas and backgrounds is what enables us to build products that resonate with our members’ diverse needs and lives. 

We are One Team and foster a transparent and inclusive environment, where everyone’s voice is heard.

 

At Tide, we thrive on diversity, embracing various backgrounds and experiences. We welcome all individuals regardless of ethnicity, religion, sexual orientation, gender identity, or disability. Our inclusive culture is key to our success, helping us build products that meet our members' diverse needs. We are One Team, committed to transparency and ensuring everyone’s voice is heard.

 

You personal data will be processed by Tide for recruitment purposes and in accordance with Tide's Recruitment Privacy Notice.

Similar Jobs

Bally's Interactive - Machine Learning Developer

Bally's Interactive

Toronto, Ontario, Canada (On-Site)
2 Weeks ago
Playgendary - DevOps (Cloud Engineer)

Playgendary

Limassol, Limassol, Cyprus (Remote)
2 Months ago
Microsoft - Software Engineer II/Senior Software Engineer - CTJ - POLY

Microsoft

Redmond, Washington, United States (On-Site)
2 Weeks ago
INTEL - DevOps Intern

INTEL

Gdańsk, Pomeranian Voivodeship, Poland (Hybrid)
21 Hours ago
IGN - Senior Full Stack Software Engineer

IGN

United States (Hybrid)
6 Months ago

Get notifed when new similar jobs are uploaded

Similar Skill Jobs

PlayStation Global - Senior Build System Engineer

PlayStation Global

United States (Remote)
3 Weeks ago
Hedra - Lead Product Engineer

Hedra

New York, New York, United States (On-Site)
1 Month ago
Hudl - Senior Software Engineer

Hudl

(Remote)
5 Hours ago
Axi - Senior QA Automation Engineer

Axi

Philippines (On-Site)
23 Hours ago
ION - Senior DevSecOps Engineer, Italy

ION

Collecchio, Emilia-Romagna, Italy (On-Site)
6 Months ago
Anavation - Senior Cloud Developer

Anavation

Huntsville, Alabama, United States (Remote)
1 Week ago
Nahc io - Software Engineer (Unity)

Nahc io

Hong Kong (On-Site)
3 Weeks ago
NCR Atleos - PS Engineer III

NCR Atleos

Hyderabad, Telangana, India (On-Site)
7 Months ago
NVIDIA - Senior Math Libraries Engineer - Dense Linear Algebra

NVIDIA

California, United States (Hybrid)
3 Months ago
Voodoo - Senior Game Developer - Hole.io

Voodoo

Barcelona, Catalonia, Spain (Remote)
1 Month ago

Get notifed when new similar jobs are uploaded

Jobs in Delhi, India

Gallagher - Sr. QA Analyst

Gallagher

Chandigarh, Chandigarh, India (On-Site)
6 Months ago
Contentstack - Senior Software Engineer I (MERN Stack)

Contentstack

Mumbai, Maharashtra, India (On-Site)
1 Day ago
Google - Web Solutions Engineer

Google

Hyderabad, Telangana, India (On-Site)
3 Days ago
Alation - Senior Privacy Specialist

Alation

Chennai, Tamil Nadu, India (Hybrid)
1 Day ago
Nagarro - Senior Engineer, Javascript Fullstack

Nagarro

India (Remote)
6 Months ago
Nagarro - Associate Principal Engineer, Cloud

Nagarro

Hyderabad, Telangana, India (On-Site)
6 Months ago
Conga - Consultant, Sales Engineering

Conga

Ahmedabad, Gujarat, India (On-Site)
20 Hours ago
Tellius - Senior Software Engineer - Backend

Tellius

Bengaluru, Karnataka, India (On-Site)
9 Hours ago
PwC - Senior Associate_GCP Data Engineer_Data and  Analytics_Advisory_Bengaluru

PwC

Bengaluru, Karnataka, India (On-Site)
7 Months ago
BrightEdge - Software Development Manager

BrightEdge

Hyderabad, Telangana, India (Remote)
6 Months ago

Get notifed when new similar jobs are uploaded

Similar Category Jobs

Looks like we're out of matches

Set up an alert and we'll send you similar jobs the moment they appear!

About The Company

Tide is the leading provider of UK small business (SMEs) accounts and one of the fastest-growing fintechs in the UK. Tide is live in the UK and India with over 650,000 members in the UK and more than 350,000 in India.


Tide is transforming the small business banking market. Our platform not only offers business accounts and related banking services, but also a comprehensive set of highly connected admin tools for businesses, such as full integration with accounting systems (live for our UK members, many are live in India, and coming soon to Germany). Using advanced technology, all solutions are designed with SMEs in mind.


With quick onboarding, low fees and innovative features, we thrive on making data-driven decisions to help SMEs save both time and money.

Belgrade, Serbia (Hybrid)

Sofia, Sofia City Province, Bulgaria (On-Site)

Luxembourg, Luxembourg, Luxembourg (On-Site)

London, England, United Kingdom (Hybrid)

Romania (Hybrid)

Ukraine (Hybrid)

View All Jobs

Get notified when new jobs are added by Tide

Level Up Your Career in Game Development!

Transform Your Passion into Profession with Our Comprehensive Courses for Aspiring Game Developers.

Job Common Plug