Information Security Auditor

11 hours ago


Bengaluru, Karnataka, India Nextiva Full time ₹ 12,00,000 - ₹ 36,00,000 per year
Redefine the future of customer experiences. One conversation at a time.

We're changing the game with a first-of-its-kind, conversation-centric platform that unifies team collaboration and customer experience in one place. Powered by AI, built by amazing humans.

Our culture is forward-thinking, customer-obsessed and built on an unwavering belief that connection fuels business and life; connections to our customers with our signature Amazing Service, our products and services, and most importantly, each other. Since 2008, 100,000+ companies and 1M+ users rely on Nextiva for customer and team communication.

If you're ready to collaborate and create with amazing people, let your personality shine and be on the frontlines of helping businesses deliver amazing experiences, you're in the right place.

Build Amazing - Deliver Amazing - Live Amazing - Be Amazing

The Information Security Auditor will work across the organization to ensure Nextiva's compliance with global security and privacy regulations. This will be achieved by establishing strong working relationships with system and control owners and applying knowledge of IT infrastructure to develop security policies and procedures, monitor compliance, and remediation efforts, conduct internal audits, and support external audits. Monitoring and assessments will include periodic reviews of user access, firewall configuration, and vendors. The auditor will also perform periodic internal security and privacy compliance audits, document and report gaps and non-conformities and lead remediation efforts with internal teams. The auditor will support external audits by working with internal teams to collect control evidence and manage the audits to achieve compliance.

Key Responsibilities:

  • Assess compliance of the organization to industry standards, security frameworks, and privacy regulations
  • Review and update security and privacy policies and procedures to ensure consistency with new and evolving requirements
  • Plan and conduct internal audits of the design and effectiveness of the organization's security and privacy controls, policies, processes and procedures
  • Document audit findings, identify and report gaps and risks in controls, and lead remediation efforts
  • Support external audits by working with the auditor and internal asset, process, and control owners to gather and submit evidence for compliance
  • Keep up to date with changes in security frameworks, regulatory changes, and commercial requirements that affect the organization's compliance, including all countries where Nextiva provides, or intends to provide, service
  • Work with product development teams, infrastructure, and other parts of the organization to define policies and procedures, implement remediation plans, and monitor compliance
  • Effectively use available AI tools to plan and conduct audits, develop policies and procedures, and document audits
  • Perform other duties to support the security and compliance of the organization as required
  • Comply with organization information security policies

Qualifications:

  • Bachelor's degree in an IT related field or equivalent experience and 2-5 years of experience in working in IT security, software development, or IT or information security audit
  • Strong knowledge of IT infrastructure and networking, including data center infrastructure, cloud infrastructure (GCP and AWS), IP networking, firewalls, IDS/IPS and endpoint security tools, backup and recovery, identity and access management, application security, and SIEM tools
  • Understanding of security and privacy frameworks and regulations, including SOC 2, ISO-27001, UK Cyber Essentials, NIST, NIS2, HITRUST, PCI-DSS, HIPAA, GDPR, and CPRA
  • Desired certifications – one or more of the following: CISSP (Certified Information Systems Security Professional), Certified Information Security Manager (CISM), SSCP (Systems Security Certified Practitioner), CCSP (Certified Cloud Security Professional) or CompTIA Security+
  • Flexibility to work extended hours and off-hours to support global project teams

Competencies:

  • Strong analytical problem-solving skills and attention to detail
  • Organization, Time Management & Prioritization - Self-starter that focuses on key priorities; plans, organizes, schedules and executes on tasks and projects in an efficient and productive manner
  • Ability to form productive relationships across the organization to accomplish information security objectives
  • Ability and willingness to learn all aspects of the information security field
  • Professional verbal and written communication skills in English
  • Expresses ideas using clear, effective and efficient language. Listens patiently and attentively. Adapts to the purpose of communication with appropriate style, substance, detail, confidence and channel. Possess the ability to manage multiple channels of communication simultaneously; phone, email, tickets, and chat
  • Able to assess, document, and prioritize identified security control gaps and vulnerabilities based on risk

Nextiva DNA (Core Competencies)

Nextiva's most successful team members share common traits and behaviors:

  • Drives Results: Action-oriented with a passion for solving problems. They bring clarity and simplicity to ambiguous situations, challenge the status quo, and ask what can be done differently. They lead and drive change, celebrating success to build more success.
  • Critical Thinker: Understands the "why" and identifies key drivers, learning from the past. They are fact-based and data-driven, forward-thinking, and see problems a few steps ahead. They provide options, recommendations, and actions, understanding risks and dependencies.
  • Right Attitude: They are team-oriented, collaborative, competitive, and hate losing. They are resilient, able to bounce back from setbacks, zoom in and out, and get in the trenches to help solve important problems. They cultivate a culture of service, learning, support, and respect, caring for customers and teams.

Total Rewards

Our Total Rewards offerings are designed to allow our employees to take care of themselves and their families so they can be their best, in and out of the office.

Our compensation packages are tailored to each role and candidate's qualifications. We consider a wide range of factors, including skills, experience, training, and certifications, when determining compensation. We aim to offer competitive salaries or wages that reflect the value you bring to our team. Depending on the position, compensation may include base salary and/or hourly wages, incentives, or bonuses.

  • Medical - Medical insurance coverage is available for employees, their spouse, and up to two dependent children with a limit of 500,000 INR, as well as their parents or in-laws for up to 300,000 INR. This comprehensive coverage ensures that essential healthcare needs are met for the entire family unit, providing peace of mind and security in times of medical necessity.
  • Group Term & Group Personal Accident Insurance - Provides insurance coverage against the risk of death / injury during the policy period sustained due to an accident caused by violent, visible & external means.
  • Coverage Type - Employee Only
  • Sum Insured - 3 times of annual CTC with minimum cap of INR 10,00,000
  • Free Cover Limit - 1.5 Crore
  • Work-Life Balance - 15 days of Privilege leaves per calendar year, 6 days of Paid Sick leave per calendar year, 6 days of Casual leave per calendar year. Paid 26 weeks of Maternity leaves, 1 week of Paternity leave, a day off on your Birthday, and paid holidays
  • Financial Security - Provident Fund & Gratuity
  • Wellness ‍ - Employee Assistance Program and comprehensive wellness initiatives
  • Growth - Access to ongoing learning and development opportunities and career advancement

At Nextiva, we're committed to supporting our employees' health, well-being, and professional growth. Join us and build a rewarding career

Established in 2008 and headquartered in Scottsdale, Arizona, Nextiva secured $200M from Goldman Sachs in late 2021, valuing the company at $2.7B.To check out what's going on at Nextiva, check us out on Instagram, Instagram (MX), YouTube, LinkedIn, and the Nextiva blog.

LI-RQ1 #LI-Hybrid

  • Bengaluru, Karnataka, India Infosys Limited Full time

    Job DescriptionResponsibilities :Information security standards ISO 27001, ISO 31000 risk management standards, ISO 22301, CISA (certified information systems auditor), CISM/CISSP/CEH/CIPP-E / CIPP -US /CCIE/CCNA/ COBIT/SOX/ SSAE18, CISM etcAdvanced Networking principles/ software engineering principles/ information security principles, Additional knowledge...


  • Bengaluru, Karnataka, India Nextiva Full time ₹ 12,00,000 - ₹ 36,00,000 per year

    Redefine the future of customer experiences. One conversation at a time.We're changing the game with a first-of-its-kind, conversation-centric platform that unifies team collaboration and customer experience in one place. Powered by AI, built by amazing humans.Our culture is forward-thinking, customer-obsessed and built on an unwavering belief that...


  • Bengaluru, Karnataka, India Chai Waale Full time

    We are seeking an experienced Information Security Consultant responsible for establishing and maintaining a corporate-wide information security management program to ensure that information assets are adequately protected.Responsibilities :- Review client policies and procedures, suggesting improvements related to information security.- Assess on-premise...


  • Bengaluru, Karnataka, India Talenzen Full time ₹ 1,20,000 - ₹ 20,00,000 per year

    We are seeking an experienced Information Security Consultant responsible for establishing and maintaining a corporate-wide information security management program to ensure that information assets are adequately protected.ResponsibilitiesReview client policies and procedures, suggesting improvements related to information security.Assess on-premise and...


  • Bengaluru, Karnataka, India AviinTech Business Solutions Full time

    Key Responsibilities : Audit Management & Execution : - Lead and support information security audit activities, demonstrating proven experience with audits such as ISO 27001, SOC 2, RBI, and PCI DSS.- Drive audit readiness activities, meticulously mapping evidence to control requirements.- Develop and implement remediation plans for identified audit...

  • Security Auditor

    2 weeks ago


    Bengaluru, Karnataka, India ITC Infotech Full time ₹ 9,00,000 - ₹ 12,00,000 per year

    Responsible for reviewing, maintaining, and updating security policies, procedures, and standards/baselines. Support all accreditation programs such as ISO27001, ISAE 3402 Type II, SOC2 Type 2, PCI-DSS and others as may be needed. Work with different stakeholders including external auditors, business leaders, DPO, Legal, HR, and CIO teams to understand all...


  • Bengaluru, Karnataka, India Rubrik Security Cloud Full time ₹ 5,00,000 - ₹ 8,00,000 per year

    About the team:The Information Security (InfoSec) organization advances the overall state of security at Rubrik through critical initiatives and coordination of large security projects. Information Security builds technologies, tools, and processes to better enable teams at Rubrik to develop secure software and protect data and systems with appropriate...


  • Bengaluru, Karnataka, India Narayana Health Full time

    About the Role:The Information Security Lead will be responsible for developing and implementing the organization's information security framework to safeguard patient data, clinical systems, and enterprise IT infrastructure. This role ensures compliance with healthcare regulations, international standards, and hospital group policies, while building a...


  • Bengaluru, Karnataka, India beBeeCybersecurity Full time ₹ 1,50,00,000 - ₹ 2,00,00,000

    Job Title">We are seeking a seasoned Cybersecurity Professional to support our internal controls and risk management initiatives. As an Information Security Consultant, you will play a key role in planning, executing, and reporting on operational and system IT internal controls.This role will act as a point of contact for Cybersecurity Governance, Risk, and...


  • Bengaluru, Karnataka, India Narayana Health Full time

    Job DescriptionAbout the Role:The Information Security Lead will be responsible for developing and implementing the organizations information security framework to safeguard patient data, clinical systems, and enterprise IT infrastructure. This role ensures compliance with healthcare regulations, international standards, and hospital group policies, while...