Title: Manager-Cyber Defence
Exp: 5 to 7 Yrs.
Education: Bachelor / Master’s degree
PayU, the fintech-arm of Naspers, is a leading financial services provider in global growth markets. We use our expertise and heritage in cross border and local payments to extend the services we offer to merchants and consumers. Our innovative technology, developed in-house as well as through investments and strategic partnerships, empowers billions of people and millions of merchants to buy and sell online, extending the reach of financial services.
Our local operations span 18 growth markets across Asia, Central and Eastern Europe, Latin America, the Middle East and Africa. Here we deliver fast, simple and efficient financial services technology that unlocks access to more than 2.3 billion consumers in our regions.
Regulated under the Reserve Bank of India, PayU India has advanced solutions to meet every digital payment need. The company has an in-depth understanding of the vast and intricate details of the Indian market and its payment landscape. The company brings convenience and trust through continuous innovation leveraging technology.
PayU India forays into two business verticals - payment offerings under PayU Payments Services Ltd. and alternate lending under PayU Finance. Headquartered in Sohna Road, Gurgaon, the company has a presence in Mumbai, Pune and Bangalore and has a total strength of 700+ employees. Anirban Mukherjee is the CEO for PayU India working with the global CEO Laurent Le Moal.
Under the aegis of PayU Payments Services Ltd., PayU provides payment gateway solutions to online businesses through its cutting-edge and award-winning technology. In India, PayU covers nearly 60% of the airline business and 90% of the entire e-commerce business and processes over INR 120,000 crores worth of digital payments annually (at current run rates). The company offers more than 70 local payment methods and serves more than 350,000 merchants including leading e-commerce businesses in India. The company also empowers SMBs, enabling them to accept mobile and online payments with minimum development effort.
With credit being the key business priority, PayU has also developed LazyPay, an alternate lending platform to offer credit solutions such as Small Ticket Credit (Buy Now, Pay Later), App based personal loans and Point of Sale Credit (Merchant EMI). Since its launch in 2017, LazyPay has gained significant traction and has disbursed 20mn+ loans to a customer base of a million user.
PayU is bullish on investment opportunities in India. The company has been an aggressive investor, committed to the evolution of fintech in the country. PayU has spent about $250 million over the past three years in Asia's third-largest economy and is further scouting for more lucrative investment and acquisition opportunities to fuel growth. PayU’s acquisitions in India include that of Wibmo (April 2019 worth $70 mn) and Citrus Payment Solutions (September 2016 for $130 mn). PayU has also invested in PaySense (July 2018) and ZestMoney (December 2016) in India.
Develop information security plans and policies: help plan and carry out an organization's information security strategy. Develop a set of security standards and best practices for PayU, and recommend security enhancements to management as needed. Develop strategies to respond to and recover from a security breach. Educating staff on information security through training and building awareness.
Implement protections: install (with support from infra team) and use the software, such as firewalls and data encryption programs, to protect PayU’s sensitive information. Assist computer users with installation or processing of new security products and procedures.
simulate an attack on the system to highlight or find any weaknesses that might be exploited by a malicious party.
Monitor for security breaches: monitor PayU’s networks and systems for security breaches or intrusions. Install the software (with support from infra team) that helps to notify intrusions, and watch out for irregular system behaviour.
Investigate security breaches: if a breach has occurred, leads incident response activities to minimize the impact. Afterward, lead a technical and forensic investigation into how the breach happened and the extent of the damage. Prepare reports of their findings to be reported to management.
Direct experience with intrusion detection, firewalls, and content filtering.
Knowledge of risk assessment tools, technologies, and methods.
Experience designing secure networks, systems and application architectures.
Ability to communicate network security issues to peers and management.
Ability to read and use the results of mobile code, malicious code, and anti-virus software.
A keen eye for detail, think one step ahead of criminals. Well organized and thrive in fast-paced, high-stress scenarios.
Strong understanding of endpoint security solutions to include File Integrity Monitoring and Data Loss Prevention. Proven work experience in one or more of security consulting, audit, VA/PT, code review, managed security services.
Detailed technical knowledge of techniques for authentication and authorization, applied cryptography, security vulnerabilities, and remediation.
Adequate knowledge of web-related technologies (Web applications, Web Services, and Service-Oriented Architectures) and of network/web related protocols.
Interest in all aspects of security research and development.