Paytm

Senior Security Engineer

Noida, Uttar Pradesh | Full Time
About Us: 
Paytm is India's leading mobile payments and financial services distribution company. Pioneer of the mobile QR payments revolution in India, Paytm builds technologies that help small businesses with payments and commerce. Paytm’s mission is to serve half a billion Indians and bring them to the mainstream economy with the help of technology.

About the Role

This role is critical to maintaining our security posture and business continuity. You will be the primary point of contact for all audit-related activities, ensuring our systems, processes, and products adhere to the highest standards of data security and regulatory compliance.

Responsibilities
Certification Management: Plan, manage, and execute internal and external audits for PCI-DSS, RBI DL SAR (Data Localization System Audit Report), and SOC 2 Type 2. This includes coordinating with internal teams, liaising with third-party auditors (e.g., QSAs), and collecting all necessary evidence.
Gap Assessment & Remediation: Conduct regular gap assessments to identify areas of non-compliance. Develop and drive remediation plans, ensuring all security vulnerabilities and control deficiencies are addressed in a timely manner.
Policy and Procedure Development: Create, update, and maintain security policies, standards, and procedures in line with evolving compliance requirements. Ensure these are integrated seamlessly into business processes and product development cycles.
Technical Compliance: Work directly with engineering and IT teams to implement and validate security controls. This includes reviewing network architecture, application security, data storage, access controls, and incident response mechanisms to ensure they meet certification standards.
Documentation & Reporting: Prepare detailed audit reports, attestations, and other compliance documentation. Present findings, risks, and progress to senior leadership and relevant stakeholders.
Risk Management: Perform risk assessments and advise on mitigation strategies. Stay up-to-date on emerging security threats and regulatory changes in the fintech landscape.
Continuous Improvement: Foster a culture of security awareness by providing training and support to employees. Continuously enhance the overall compliance program to improve operational efficiency and resilience.


Qualifications and Skills
3-6 years of hands-on experience in a security compliance, IT audit, or information security role, preferably within a fintech or payments environment.
Deep technical knowledge of PCI-DSS requirements and the ability to apply them to payment systems.
Proven experience managing the RBI Data Localization System Audit Report (SAR) process, including an understanding of India's data residency and transaction data flow mandates.
Extensive experience with SOC 2 Type 2 audits, including preparing for and managing the audit over an observation period. Familiarity with the Trust Services Criteria (Security, Availability, Processing Integrity, Confidentiality, and Privacy).
Strong understanding of security principles, including cryptography, identity and access management, vulnerability management, and secure SDLC (Secure Software Development Lifecycle).
Excellent project management and organizational skills, with the ability to manage multiple complex projects under tight deadlines.
Exceptional communication skills, both written and verbal, with the ability to explain complex technical and compliance issues to both technical and non-technical audiences.
Relevant certifications such as PCI-ISA, PCI-QSA, CISA, CRISC, or other security and compliance certifications are a plus.
Bachelor's degree in Computer Science, Information Systems, or a related field. 

Why join us:
● Because you get an opportunity to make a difference, and have a great time doing that.
● You are challenged and encouraged here to do stuff that is meaningful for you and for those we serve.
● You should work with us if you think seriously about what technology can do for people.
● We are successful, and our successes are rooted in our people's collective energy and unwavering focus on the customer, and that's how it will always be.
 
Compensation:
If you are the right fit, we believe in creating wealth for you. With an enviable 500 mn+ registered users, 21 mn+ merchants and depth of data in our ecosystem, we are in a unique position to democratize credit for deserving consumers & merchants, and we are committed to it. India’s largest digital lending story is brewing here. It’s your opportunity to be a part of the story!