• Dynamic Consultant/Assistant Manager - Information Security & Data Privacy Jobs in Gurgaon, India

Job Description:

Job Opportunity for Information Security and Data Privacy Governance, Risk & Compliance role!!

Position - Sr Executive/ Assistant Manager

Experience level - Senior Executive - 3-5 Years

Assistant Manager - 6-7 Years

Education - BE/BTech/BCA/any Computer Science graduation background; Post-Graduation an added advantage

Job Location - Gurgaon

Role Summary

Owning all ISMS and PIMS risk and compliance processes by partnering/liaising with various support functions like Technology, HR, Finance, Legal, etc., as well as business functions, to ensure that the organization's processes, applications and infrastructure in India comply with regulatory and industry security standards like ISO 27001:2013, BS 10012:2017 and GDPR, by supporting a risk-driven approach to make valuable recommendations on standardization of processes and controls, and influence changes and decisions.

The candidate will help drive continuous improvement of information security related processes and meet the organization's and clients' security requirements. The candidate will own the process of attaining security certifications year on year, as applicable, and maintain security posture as defined by the organization's policies.

Key Job Responsibilities

- Contribute to sustainable IT controls environment through involvement in key control activities

- Coordinate with various stakeholders at various office locations across India to ensure compliance and facilitate internal and external audits related to Information Security Management System (ISMS), Personal Information Management System (PIMS) and GDPR, like ISO 27001:2013, BS 10012:2017, etc.

- Facilitate and liaise with various stakeholders to close all audit findings within time

- Undertake periodic compliance reviews of InfoSec and Privacy controls for applications, network and IT infrastructure of the firm, against defined policies. Provide periodic status reports to the management on the compliance status of the firm

- Drive the remediation of IT control deficiencies

- Develop recommendations and strive for continuous improvement of internal IT controls environment in the organization

- Assist in designing and establishing new security frameworks for various operational processes

- Assist in preparation/ changes to InfoSec and Privacy strategy and roadmap for the firm, annually

- Responsible for keeping the ISMS and PIMS policy/procedure documents of the firm updated after periodic review or any major changes in processes, and for maintaining an up-to-date repository of documents for the Information Security team

- Assist in implementation/ enforcement of the security policy/ procedures across the firm

- Participation in information risk assessment activities across the organization, including 3rd-party/vendor risk assessments

- Drive InfoSec & Privacy awareness across the firm through trainings, awareness mailers, etc.

- Assist in automation initiatives for existing processes, wherever feasible

- Undertake annual Business Impact Assessment (BIA) exercise with various functions for identification of critical applications and their RTO/RPO. Facilitate setup of new applications in Disaster Recovery (DR) site. Ensure and facilitate annual IT DR testing

- Liaise with Data Backup team and ensure compliance for automated backups of end user systems and servers, and facilitate to resolve any issues

- Review 3rd-party/vendor contracts during the onboarding process from an InfoSec and Privacy perspective, and recommend amendments, if required

- Travel requirement around 10% in a year

Skill Requirements

- Bachelor's degree in IT or a related field required; Master's would be a plus

- Min 3 years relevant experience (mandatory) of working in information/cyber security and/or data privacy field, or projects related to ISMS, PIMS and GDPR

- In-depth knowledge (mandatory) of ISO 27001 and BS 10012 standards and control requirements

- Experience of performing compliance assessments/gap assessments vis-à-vis IT controls

- Prior experience of facing or being part of internal/ external audits related to ISMS, PIMS or IT General Controls testing

- CISA, CISSP, CISM, or any other certification related to ISMS and/ or PIMS would be a plus

- Knowledge of security related technologies (e.g. Identity & Access Management tools, Privileged Access Management tools, Patch Management tools, DLP, Antivirus, Firewalls, etc.)

- Exposure to, or at least a conceptual knowledge of, cloud environment security and VA/PT

- Experience of dealing with all levels of management and across different teams/ multiple stakeholders across regions; and managing conflicts

- Good written & verbal communication, and presentation skills

- Highly independent, with high ethical standards and integrity

- Excellent interpersonal and relationship building skills

- Working knowledge of SharePoint would be good to have

Profile Summary:

Employment Type : Full Time
Functional Area : Other
Salary : Not Mentioned
Deadline : 16th Jan 2020

Company Profile:

Not Mentioned

All rights reserved © 2018 Wisdom IT Services India Pvt. Ltd