About Aspora: Pioneering Secure Global Finance
People on the move deserve a bank that moves with them. Since 2022, Aspora has been building a borderless financial operating system that makes money as mobile and transparent as its users.
Backed by influential venture capitalists like Sequoia Capital, Greylock Partners, Hummingbird Ventures, Y Combinator & Global Founders Capital, we're on a mission to redefine global banking. Our diverse team of 75+ spans India, the UK, the UAE, the EU, and the US, united by extreme ownership, radical candour, and an obsession with customer impact.
We celebrate builders who question assumptions, ship fast, and elegantly transform regulatory complexity into innovative solutions. If you're driven to redefine what global banking can be, we'd love to build the future with you.
Your Mission: Senior Information Security Architect
Are you a hands-on cybersecurity architect passionate about building robust, resilient systems from the ground up? We're seeking a Senior Information Security Architect to design and implement cutting-edge security controls for our regulated digital banking platform.
This is a pivotal builder role, demanding deep technical expertise in cloud security, data protection, and stringent regulatory compliance. You will be instrumental in architecting defensible, auditable, and scalable security systems that ingeniously balance uncompromising protection with rapid product velocity.
Core Responsibilities
Pioneering Technical Security (60%)
Architect and implement zero-trust security architectures, establishing clear boundaries, assuming breach scenarios, and eliminating implicit trust across our global ecosystem.
Engineer robust data protection systems, encompassing field-level encryption for sensitive PCI/PII data, advanced cryptographic key management, and secure envelope encryption patterns.
Design and secure complex hybrid cloud environments, ensuring seamless AWS-to-datacenter connectivity and secure vendor integrations through one-way trust models.
Drive the implementation of identity-first access controls, including robust service-to-service authentication, enforcing zero standing production access, and managing time-bound sessions.
Develop comprehensive SIEM and detection systems, defining logging strategies for legal evidence and advanced correlation across identity, network, and application layers.
Harden and manage next-generation firewalls (Palo Alto, Fortinet), integrating them into our critical workloads and establishing cutting-edge security observability.
Mastering Operational Resilience (25%)
Lead end-to-end vulnerability management, from asset discovery and risk assessment to remediation and critical crisis response for zero-day threats (e.g., Log4j-style scenarios).
Spearhead incident response and disaster recovery initiatives, orchestrating DR drills, incident command, regulatory notifications, and thorough post-incident validation.
Establish strategic security monitoring, optimizing prioritized log collection, alert management, and comprehensive security telemetry.
Collaborate closely with Application and Infrastructure teams to understand SecOps requirements and champion the successful implementation of security solutions.
Proactively identify security gaps and drive impactful initiatives aligned with business objectives to continuously strengthen our overall security posture.
Strategic Impact & Growth (15%)
Master the balance between security and product velocity, utilizing compensating controls, pragmatic risk acceptance, and clear documentation of tradeoff decisions.
Exhibit scaling awareness, proactively identifying architectural breaking points and designing security solutions for 10x organizational growth and beyond.
What You'll Bring:
7+ years of hands-on experience securing production AWS environments, ideally within regulated or financial services sectors.
Demonstrable expertise in PCI-DSS or other critical financial regulatory compliance implementation.
Battle-tested leadership in incident response and disaster recovery drills, with practical experience in real-world production scenarios.
Experience thriving in a startup or high-growth environment, where you've actively built and scaled security programs from inception.
Profound expertise in encryption architecture, cryptographic key management systems, and robust cryptographic controls.
Essential Credentials:
ISO 27001 Lead Implementer or Lead Auditor
PCI-DSS (QSA, ISA, or P2PE certification)
Highly Valued: CISSP, CCSP, AWS Security Specialty, CISM