Cybersecurity Strategist

We are seeking a seasoned Cybersecurity Strategist to spearhead our end-to-end security initiatives across applications, infrastructure, and organizational processes. This role ensures our systems, applications, and business operations are secure, compliant, and aligned with both internal policies and regulatory requirements.

• Develop and execute comprehensive security strategies to mitigate risks and ensure compliance with industry standards.
• Lead technical assessments required by new clients, analyzing their security posture and providing actionable recommendations.
• Analyze and complete detailed cloud infrastructure security and compliance questionnaires, ensuring seamless onboarding for vendors and partners.
• Maintain documentation and templates for commonly requested assessment artifacts, facilitating efficient knowledge sharing and process optimization.

• Manage and complete security questionnaires from clients, vendors, and partners, evaluating their security practices and identifying areas for improvement.
• Evaluate vendor security and compliance by reviewing their responses and supporting documentation, ensuring alignment with our organization's risk tolerance.
• Risk Identification and Assessment:
• Identify security risks within our IT infrastructure, applications, and services, assessing potential vulnerabilities and developing mitigation strategies.
• Assess potential risks posed by vendors or partners during onboarding, ensuring our organization's interests are protected.

• Ensure compliance with security standards such as ISO 27001, GDPR, SOC 2, or any other relevant frameworks, maintaining our organization's reputation for excellence.
• Collaborate with internal teams to maintain compliance with legal and regulatory requirements, staying up-to-date with evolving regulations and best practices.

• Collaborate with the IT security, legal, and procurement teams to address concerns identified in security assessments, fostering a culture of transparency and cooperation.
• Coordinate with vendors to ensure their security practices meet our organization's requirements, building strong relationships based on trust and mutual respect.

• Prepare detailed reports summarizing findings from security assessments and risk analysis, providing actionable insights for stakeholders.
• Educate internal staff and external partners about security best practices and compliance requirements, promoting a culture of security awareness and responsibility.

Requirements:

• Bachelor's degree in computer science, Information Security, Data Science, or a related field.
• 5+ years of experience working with Audit/compliance, application security assessments, AWS cloud security preferably BFSI domain.
• Familiarity with secure coding practices, vulnerability management, and threat modelling.
• Strong exposure to AWS cloud infrastructure (Guard Duty, security hub, inspector, Firewall, IAM, EC2, VPC, S3, Security Groups, etc.).
• Familiarity with information security standards such as ISO 27001, SOC 2, RBI cybersecurity framework.