Senior Security Expert
Infrastructure & Security /
Loved is the financial services platform for the next generation. We focus on those under the age of 18 because we believe in the difference we can make to their financial success. Building a great team is essential for us to create a product that our customers' love and that help them succeed.
We are still small yet we are growing fast, so we want those that will outperform and become leaders within our company as it grows. The company is headquartered in San Francisco USA with its extended office in Gurgaon.
Loved has an exciting opportunity for someone to join the Gurgaon office of Loved as a Senior Security Expert.
This position serves as the subject matter expert for security at Loved and responsible for planning, design, implementation, and maintenance of security standards, including Payment Card Industry/Data Security Standard (PCI DSS). The candidate must be a team-oriented self-motivator with excellent interpersonal skills and the ability to discuss complex security requirements in technical and non-technical terms. The position reports to the VP, Engineering, and works closely with other team members to collaborate on technology support and business operations to maintain the security standards.L
What you will do
- Work in a fast-paced environment that develops growth, collaboration, and innovation.
- Lead the PCI DSS requirements for Loved and architect, design, implement, maintain, and operate security controls and countermeasures.
- Implement measures to prevent and detect fraudulent transactions.
- Analyze and recommend security controls and procedures in acquisition, development, and change management life-cycle of the platform.
- Analyze and recommend security controls and procedures in business processes related to the use of systems and assets.
- Monitor systems security incidents and vulnerabilities.
- Respond to system security incidents, including investigation of, countermeasures to, and recovery from computer-based attacks, unauthorized access, and policy breaches.
- Administer authentication and access controls, including provisioning, changes, and de-provisioning of security/access roles and access permissions to information assets.
- Analyzes trends, news, and changes in threat and compliance environment with respect to organizational risk; advise organization management and develops and executes plans for compliance and mitigation of risk; performs risk and compliance self-assessments.
What you will bring
- Demonstrated knowledge and understanding of relevant legal and regulatory requirements, including the PCI DSS.
- At least 3 years of experience in leading both internal and external audits to ensure compliance with industry-mandated regulations, especially PCI DSS.
- 3 years of experience in implementation of new initiatives involving compliance to ensure functionality required to support required compliance, including PCI DSS.
- Experience in managing compliance initiatives to ensure operational effectiveness with applicable laws and regulations, as well as internal policies and procedures.
- Experience in assisting legal and technology organizations with all required compliance/security-related documentation. Ensure documentation is standardized, updated, and organized.
- Hands-on experience in audit-related tasks to ensure the readiness for audit managers and their teams for thecertification and facilitate the timely resolution of any audit findings.
- Experience in evaluating the effectiveness of the internal security control framework and recommend adjustments as business needs change.
- A practical, open-minded, and intellectually curious approach.
- Bachelor’s degree in information technology or directly related field, 5 years of professional related experience.
More information on Loved is available at loved.com.