Information Security

**Location**: Mumbai/Pune/Bangalore

**Shift Timings**:2 PM to 11 PM

**JOB DESCRIPTION**:

- This position will give an opportunity to work for Information Security Governance on information systems, processes and technologies within the organization.
- This is a global role engaging stakeholders (at all levels) across geographies like India, Philippines and US
- This position will report to the Manager, Information Security and is expected to work independently on tasks assigned.

This position requires:

- Hands-on experience in implementation of Security Governance framework.
- Works extensively on Vendor IT Security risk assessment/ Third Party Risk management
- Experienced in conducting technical security assessment
- Experience in performing Security audits and Risk Assessments in line with Information Security Standards (like ISO 27001) for Business processes and IT systems.
- Understanding on Legal & Regulatory requirements such as Data privacy, Intellectual property safeguards, Records Management etc.
- Knowledge about latest regulations, compliance, standards and procedures such as GLBA, SOX, ISO27000 Standards, CoBiT, COSO, FFIEC, etc.
- Ability to conceptualize Security Governance framework and have eagerness to assist Management with creation and implementation of Security Governance Policy Framework.
- Excellent verbal and written communication skills with a demonstrated ability to build and maintain relationships within the organization
- Ability to prepare Management Reports highlighting the security posture of the organization with regards to various security metrics defined inline with Enterprise Risk Management framework
- Excellent organizational, skills, detail oriented, logical, and systematic with the ability to multi-task and drive projects to successful conclusion; must be able to gather and interpret relevant information; must have experience presenting conclusions in a clear and concise manner; with ability to work in a high value and strict deadline environment

**JOB FUNCTIONS AND RESPONSIBILITIES**:

- Perform security reviews, evaluations, risk assessments, and monitoring on a regular basis to ensure exceptions and violations are identified and addressed.
- Perform and oversee Information Security Policy Framework
- Recommend appropriate corrective actions and remediation plans for risks identified
- Assist in developing the implementation of risk mitigation measures
- Create and manage multiple dashboard reporting mechanisms to facilitate improved communication and provide visibility on Security posture to Management and Senior Leadership
- Work with the Business functions to ensure security standards are in-line with risk management and information security policies
- Plan and execute vendor IT and Security audit programs in-line with risk management policies

**EDUCATION / EXPERIENCE**:

- 6-9 years of progressive experience in one or more of the following: internal/external IT and business process auditing, sourcing advisory, vendor management roles
- Bachelor’s degree from an accredited college / university. Management degrees MS, M. Tech or MBA in relevant field would be an added advantage.
- Knowledge and understanding current DR planning techniques, industry standards and methodologies including BIA process, risk analysis procedures and RTO/RPO measurements preferred
- Demonstrated experience in conducting Risk Assessments for Vendors, Internal and External stakeholders
- Experience in Information Security or demonstrated knowledge on Information Security Operations
- Demonstrated experience in a multi-vendor environment
- Demonstrated experience in Cloud Security assessments on various Cloud platforms such as AWS, Azure, Oracle etc.
- Demonstrated expertise in conducted security assessment across security technologies such as Firewall, SIEM, EDR etc
- Preferred Certifications
- CGEIT or CISM
- CISSP

Pay: ₹1,800,000.00 - ₹2,000,000.00 per year

Schedule:

- Monday to Friday
- US shift

Work Location: In person