| Hyderabad Jobs |
| Banglore Jobs |
| Chennai Jobs |
| Delhi Jobs |
| Ahmedabad Jobs |
| Mumbai Jobs |
| Pune Jobs |
| Vijayawada Jobs |
| Gurgaon Jobs |
| Noida Jobs |
| Hyderabad Jobs |
| Banglore Jobs |
| Chennai Jobs |
| Delhi Jobs |
| Ahmedabad Jobs |
| Mumbai Jobs |
| Pune Jobs |
| Vijayawada Jobs |
| Gurgaon Jobs |
| Noida Jobs |
| Oil & Gas Jobs |
| Banking Jobs |
| Construction Jobs |
| Top Management Jobs |
| IT - Software Jobs |
| Medical Healthcare Jobs |
| Purchase / Logistics Jobs |
| Sales |
| Ajax Jobs |
| Designing Jobs |
| ASP .NET Jobs |
| Java Jobs |
| MySQL Jobs |
| Sap hr Jobs |
| Software Testing Jobs |
| Html Jobs |
| Job Location | Gurugram |
| Education | Not Mentioned |
| Salary | Not Disclosed |
| Industry | IT - Software |
| Functional Area | General / Other Software |
| EmploymentType | Full-time |
DescriptionAbout SirionLabs:SirionLabs - SaaS Product firm | is looking for people who simply put are driven to make a difference.SirionLabs is a growth stage company building breakthrough technology in Contract Lifecycle Management. We are hosted on AWS utilizing Aurora, Redshift, Lambda and are built on Java, C#, Golang, Angular, MongoDB and Postgres.We make data speak for itself by ingesting large volumes of machine data, support data and complex enterprise data sets. We rely on NLP (coreNLP), Neuralnets and Machine Learning technologies to improve operational efficiency and for predictive analysis.We are a team of high energy individuals who revel in a rapid-pace, agile product development environment. We aim to build path-breaking, context-aware products that solve meaningful and complex problems. In doing so, we hope to put Indian engineering on the world map. So, if these are the ideals that excite you, there is definitely a place for you at SirionLabs!Job Role: Associate/Analyst/Senior Analyst - Information SecurityYears of Experience required: 7-10 yearsWork Location: GurgaonJob ProfileDefine, implement, and maintain the Information Security Management System (ISMS) and Privacy Information Management System (PIMS) in compliance with frameworks, standards and regulations such as ISO 27001, 22301, 27701, 27018, 31000, Service Organization Controls (SOC), SSAE 16, General Data Protection Regulation (GDPR), PrivacyShield, Australian Data Protection Act, SOX, NIST, Cyber Essentials (UK)Develop and maintain the Unified Controls Framework that acts as a single repository of controls for SirionLabs to operate in order to align with organization information security policies, industry standards and regulations applicable to the company and its customersPlan and execute periodic risk assessments based on ISO 27001 and 31000 based Risk Assessment and Management methodologyMaintain SOC 1 & 2 compliance, monitor & report effectiveness, manage the audit processDefine, Review and Maintain the organizational information security policies, processes, procedures and control framework in-line with ISO 27001: 2013 standard and best practices to ensure it is adequate to address the emerging risks due to changing environment and technologyAlign customer and internal information security objectives to the ISMS and PIMSRespond to RFX of prospects and customers of SirionLabs and support the calls with prospects and customers for security related questionsRespond to information security assessments performed by SirionLabs customersMonitor and fulfill client contractual (MSA) information security obligationsWork with internal stakeholders such as Engineering, DevOps, Product, Finance, HR, Admin, IT for implementing controls for the respective functions and ensuring the continuous operating effectiveness of the controlsPrepare metrics based periodic reports and dashboards with support from the stakeholder functions for management reviewAssess and review the contracts / agreements of customers and vendors for information security related clauses/ requirementsLiaise with security vendors, suppliers, service providers and external resources for new security tools for improving security.Lead the Information Security audits / assessments / remediation of Sirion third party vendors / suppliers and present key risks to the managementPerform the Third party Risk Assessment (TPRM) of Critical VendorsConduct Information Security awareness and training programs for the employees as part of their induction and regular awarenessOversee information security incident management process for incident reporting, containment, resolution and root cause analysisPlan and co-ordinate BCP and DR testsConduct periodic information security review meetings with ISMS working groupWork with Engineering and Devops teams on technical implementations, and preferably be able to perform hands-on system related technical tasks as and when required (it is preferable to have a person on-board with past IT, AWS and Security administration experience., RequirementsEducational qualifications and certifications:BE / B. Tech / BSc Computer Science with active CISSP / CISA / CRISCExpertise/experienceIn ISO 27001, SOC and 31000 based Risk Assessment and Management methodologyImplementation of ISO 27001, SSAE 16/SOC, NIST requirementsPrivacy regulationsInformation security support in a customer facing environmentManaging ISMS and compliance to Privacy RegulationsSecurity incident management, BCP DR planning and coordinationClient and Vendor security management practicesPerforming and facing auditsExperience in action plan designs for control weaknessesExperience in one or more of Linux, Microsoft, Cisco and Security technologiesExperience of implementing/Auditing Cloud Security Controls. (Preferabally AWS)Organizational skills:Self-driven and initiatorAbility to multi-task effectively and work under pressureRelationship and trust-based information security program (not authority based)Task finisher
Keyskills :
information security management systemiso 27001ssae 16information security managementmusic makingcloud securitythird party vendorsdata protection actroot causesoc 1information security awareness