Assistant Manager - Information Security - 111021

Gurugram, Haryana, India

Applications have closed

About SirionLabs:

SirionLabs, a SaaS product firm, is looking for people who are driven to make a difference. Bringing together leading innovation, unrivaled Contract Lifecycle Management expertise, and a deep commitment to customer success, SirionLabs helps the world’s leading businesses contract smarter.

Powered by intelligence uniquely connected across the complete contract lifecycle, SirionLabs’ easy-to-use, highly configurable Smarter Contracting Platform brings legal, procurement, and business teams together to author stronger agreements, manage risk and strengthen counterparty relationships.

Today, analyst firms such as Forrester, Spend Matters and IDC agree that SirionLabs is a leader in CLM, whilst world-leading businesses including Vodafone, Unilever, DHL, and Morgan Stanley trust SirionLabs to create, control, and manage over 5m contracts worth more than $300bn, in 100+ countries around the world. SirionLabs is backed by leading VC firms and has gone through a Series C round. SirionLabs is a 550+ people company with 7 offices globally.

Job Role: Assistant Manager – Information Security

Experience: 7 – 10 years

Location: Gurgaon

Responsibilities:

  • Respond to RFx, information security and data privacy questionnaires from SirionLabs prospects and participate effectively in customer discussions on related topics.
  • Manage and build the RFx response library and supporting artefacts in a central repository.
  • Respond to all information security assessments/audits performed by SirionLabs customers, external and internal auditors. Align customer and internal information security objectives to the ISMS (Information Security Management System) and PIMS (Privacy Information Management System).
  • Prepare metrics-based periodic reports and dashboards, with support from the stakeholder functions, for management review.
  • Work with internal stakeholders such as Engineering, DevOps, Customer Success and IT to gather and collate responses and artifacts for security risk questionnaires required for business proposals and for existing client and organizational data requests.
  • Review SirionLabs’ vendor and customer contractual documents (MSA, SOW, DPA, SCC) to verify their compatibility and compliance with SirionLabs’ information security and privacy policies and procedures. Highlight and articulate the risk to the wider forum.
  • Build and maintain client contractual information security obligations program. Understand key infosec obligations from SirionLabs customers and collaborate with other teams to ensure complete implementation of the security controls related to those obligations.
  • Support periodic Risk Assessments based on organization information security policies, industry standards and regulations applicable to the company and its customers, including GDPR, ISO 27701, NIST 800-53, NIST 800-171, NIST CSF, FedRAMP, HIPAA, ISO 27001, SOC 2, CSA CCM.
  • Assist in performing appropriate due diligence and Information Security and Privacy Risk Assessment of IT systems, applications, new technologies, third parties etc. and implement mitigation controls
  • Conducting Privacy Impact Assessments, developing Data Flow Diagrams, Privacy related policies and procedures etc.
  • Support in conducting Information Security awareness and training programs for the employees as part of their induction and regular awareness
  • Develop, in collaboration with other teams, information security processes and procedures, and continuously improve the security aspects of operating processes
  • Additional responsibilities include risk, controls, and compliance management, supporting BC/DR audit and examination activities, and development & maintenance of policies, standards & procedures that are aligned with the best practices
  • Familiarity with infrastructure, key processes, and technology-oriented risk issues, specifically around security and privacy. Experience in Cloud Security (AWS, Azure), Linux, and Microsoft security technologies.

Requirements

  • 7-10 years of relevant experience in customer-facing roles in information security RFx, third-party security assessments, audits, and security-focussed discussions.
  • Exceptional communication skills, both verbally and in writing, to technical and non-technical audiences of various levels within SirionLabs or outside the organization (executives, regulators, clients, etc.).
  • Deft understanding and implementation of information security standards and compliance, such as ISO 27001, SOC 2, NIST 800-53, FedRAMP, IRAP etc., and privacy regulations like GDPR, CCPA, etc.
  • Experience in managing & implementing privacy controls related to GDPR, conducting Privacy Impact Assessments (PIA), developing privacy policies and procedures.
  • Experience in Cloud Security (preferably AWS & Azure), Linux, Microsoft O365.
  • Responding to and facing customer-led Information Security and Data Privacy audits
  • Ability to understand, articulate and map client information security requirements to the Organisational policies and procedures.
  • BCP/DR Planning and Coordination


Organizational skills:

  • Self-driven and initiator
  • Ability to multi-task effectively and work under pressure
  • Relationship and trust-based information security program (not authority based)
  • Task finisher

Educational qualifications and certifications:

BE / B. Tech / BSc Computer Science with active CISSP / CISA / CIPP / CRISC


SirionLabs is an Equal Opportunity Employer

We value diversity in our workforce. We are an equal opportunity employer and do not discriminate based on race, colour, gender, religion, national origin, ancestry, age, disability, medical condition, genetic information, military & veteran status, marital status, pregnancy, gender identity, sexual orientation, or any other characteristics protected by local laws, regulations, and ordinances.

We also make reasonable accommodations for disabled employees and applicants as required by law.

We follow these principles in all areas of employment, including recruitment, training, promotions, compensation, benefits, transfer, and social and recreational programs.

Tags: Audits AWS Azure C CCPA CIPP CISA CISSP Cloud Compliance Computer Science CRISC DevOps FedRAMP GDPR HIPAA ISMS ISO 27001 Linux NIST Privacy Risk assessment SaaS Security assessment SOC 2

Region: Asia/Pacific
Country: India
Category: Leadership Jobs
