SarvaGram
Website:
sarvagram.com
Job details:
About the role You will own SarvaGram's information security program, building it from policy to practice across 170 branches, 2,000 field officers, and 150,000 rural households. This is a first-principles security leadership role: establish frameworks, drive RBI compliance, and protect the trust that underpins rural India's access to credit. You will operate independent of IT, in line with RBI IT Master Direction 2023 (Section 24(c)). As de-facto CISO, you will be a permanent invitee to the IT Strategy Committee (ITSC) and IT Steering Committee, and will present quarterly to the ITSC, RMCB, and Board. Key responsibilities Information Security Governance Own the ISMS - strategy, policies, standards, and continuous improvement Chair the Information Security Committee; present quarterly to ITSC and RMCB Drive security adoption across technology and business functions RBI Compliance & Regulatory Ensure compliance with RBI IT Governance Master Direction 2023, Digital Lending Directions 2025, DPDPA, and IT Act Manage cyber incident reporting to CERT-In and RBI; co-ordinate with IB-CART Support IS audits, regulatory reviews, and ACB reporting ISO 27001 Implementation Lead end-to-end ISO 27001 certification - documentation, risk treatment, control implementation, internal audits Drive continuous improvement post-certification Cybersecurity Operations Manage and monitor the Security Operations Centre (SOC) Oversee VA/PT programme across AWS production, Snowflake, LOS/LMS, and Lenovo Tab field infrastructure Own incident response and cyber resilience plans Data Security & Privacy Enforce data classification, access controls, and privacy-by-design for customer data Demonstrable working knowledge of data minimisation, pseudonymisation, anonymisation, and privacy-by-design Third-Party & Vendor Risk Drive security risk assessments for critical vendors Ensure vendor compliance with RBI IT Outsourcing Directions 2023 Security Awareness Build org-wide cybersecurity awareness, including field officer training for offline-first tablet infrastructure Embed a security-conscious culture across a distributed, rural-first workforce Requirements Education Qualifications Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or related field Master's degree preferred Professional security certifications required: CISSP, CISM, ISO 27001 Lead Implementer / Lead Auditor Additional certifications valued: CISA, CEH, CRISC, CGEIT, Cloud Security Experience 8 - 12 years total information security experience; 3 years in a leadership or senior IC role (AVP/DVP level) Minimum 3 years in an NBFC, bank, or regulated financial services environment Hands-on ISO 27001 / ISO 27000 series implementation through to certification Deep understanding of RBI IT Governance, DPDPA, IRDAI, and IT Act compliance obligations Proven track record of building security programs from the ground up in high-growth organisations. Experience securing distributed operations, mobile-first platforms, and agent/franchise networks Comfort presenting to Board-level stakeholders and regulatory bodies Technical Expertise Security frameworks: NIST, ISO 27001, CIS Controls Cloud security - AWS (primary), Azure, GCP Application security, API security, and secure SDLC Security tooling: SIEM, EDR, vulnerability management, penetration testing Authentication technologies, encryption, and cryptography Mobile application security (Android / iOS) Familiarity with fraud detection systems and ML for security Benefits SarvaGram is on a mission to revolutionise financial services for millions in rural India. We're building the nation's first data-driven platform that combines cutting-edge technology with a human touch to unlock financial possibilities for underserved households. This is your chance to be at the forefront of innovation. Join us and:
- Shape the future of FinTech: We're not just building a product, we're creating a new category. Be a part of defining the future of financial inclusion for rural India.
- Embrace a high-growth, high-impact environment: This is a non-linear growth opportunity. Build a platform used by millions and witness the network effect drive massive scale.
- Tackle real-world challenges: Apply your skills to solve critical problems and directly empower rural communities.
- Craft solutions that touch lives: Develop innovative products used by diverse household members, each with unique needs
Click on Apply to know more.