About Fam (previously FamPay)
Fam is India's first payments app for everyone above 11. FamApp helps make online and offline payments through UPI and FamCard. We are on a mission to raise a new, financially aware generation, and drive 250 million+ youngest users in India to kickstart their financial journey super early in their life. Founded in 2019 by IIT Roorkee alumni, Fam is backed by some of the most respected investors around the world like Elevation Capital, Y-Combinator, Peak XV (Sequoia Capital) India, Venture Highway, Global Founder’s Capital and the likes of Kunal Shah, Amrish Rao as angel investors.
About this Role
Join Us as a Cyber Guardian at Fam! At Fam, we're looking for someone who thinks like a hacker but works for the good guys—someone who's obsessed with ensuring ZERO vulnerabilities in our technology. As a key member of our security and compliance team, you’ll be the first line of defense, protecting our users' data, money, and identity. Your mission? Keep our digital infrastructure safe and secure, so our users can trust us without a second thought. If you're ready to take on this responsibility and make a real impact, we want you on our team!
On the Job
Identify Vulnerabilities: Conduct penetration testing to identify vulnerabilities in FamApp applications and cloud infrastructure
Security Incident Response: Participate in security incident response, including investigations, root cause analysis, and remediation
Security Awareness Training: Conduct security awareness training for the team and third-party vendors to foster a culture of security and compliance
Policies & Compliance: Develop and implement security policies, procedures, and standards to mitigate risks and ensure regulatory and industry compliance
Audits: Conduct internal and external audits to ensure compliance with laws and regulations, and recommend improvements as needed
Stay Updated: Keep up with security threats and best practices in the industry
Cross Team Collaboration: Collaborate with teams to implement security controls that align with business requirements and support company goals
Must-haves (Min. qualifications)
At least 4-7 years of experience in security and IT compliance in the banking industry
Prior experience working in the fintech industry is a must-have
Bachelor’s degree in Computer Science, Information Security, or a related field
Proficiency with tools such as Burp Suite, Metasploit, Nessus, and AWS Security tools
Strong understanding of common web application vulnerabilities like SQL injection, XSS, and CSRF
Familiarity with cloud security concepts and technologies, particularly AWS and Azure
Possession of relevant certifications such as CEH, OSCP, or AWS Certified Security – Specialty would be advantageous
Experience developing and implementing security policies, procedures, and standards
Good to have
Experience in Capture The Flag (CTF) competitions
Participation in bug bounty programs and recognition in any hall of fame
Contribution to CVE (Common Vulnerabilities and Exposures) entries
Ability to analyze problems efficiently and effectively; you stay calm and focused when outages and incidents occur
Why join us?
Work in a security and compliance team of fewer than 5 members
Take full ownership of high-impact projects
Opportunity to grow as a trust, security & IT compliance leader in the industry