Assistant Manager - Information Security - 111021
Gurugram, Haryana, India
SirionLabs, a SaaS product firm, is looking for people who are driven to make a difference. Bringing together leading innovation, unrivaled Contract Lifecycle Management expertise, and a deep commitment to customer success, SirionLabs helps the world’s leading businesses contract smarter.
Powered by intelligence uniquely connected across the complete contract lifecycle, SirionLabs’ easy-to-use, highly configurable Smarter Contracting Platform brings legal, procurement, and business teams together to author stronger agreements, manage risk and strengthen counterparty relationships.
Today, analyst firms such as Forrester, Spend Matters and IDC agree that SirionLabs is a leader in CLM, whilst world-leading businesses including Vodafone, Unilever, DHL, and Morgan Stanley trust SirionLabs to create, control, and manage over 5m contracts worth more than $300bn, in 100+ countries around the world. SirionLabs is backed by leading VC firms and has gone through a Series C round. SirionLabs is a 550+ people company with 7 offices globally.
Job Role: Assistant Manager – Information Security
Experience: 7 – 10 years
- Responding to RFx, Information Security & Data Privacy questionnaires from SirionLabs prospects and participating effectively in customer discussions on related topics.
- Responsible for managing and building the RFx response library and supporting artefacts in a central repository.
- Respond to all information security assessments/audits performed by SirionLabs customers, external and internal auditors. Aligns customer and internal information security objectives to the ISMS (Information Security Management System) and PIMS (Privacy Information Management System).
- Prepare metrics-based periodic reports and dashboards, with support from the stakeholder functions, for management review.
- Work with internal stakeholders such as Engineering, DevOps, Customer Success, and IT to gather and collate responses and artifacts for security risk questionnaires required for business proposals and for existing client and organizational data requests.
- Review SirionLabs’ vendor and customer contractual documents (MSA, SOW, DPA, SCC) to verify their compatibility and compliance with SirionLabs’ information security & privacy policies and procedures. Highlight and articulate the risk to the wider forum.
- Build and maintain client contractual information security obligations program. Understand key infosec obligations from SirionLabs customers and collaborate with other teams to ensure complete implementation of the security controls related to those obligations.
- Support periodic Risk Assessments based on organization information security policies, industry standards and regulations applicable to the company and its customers, including GDPR, ISO 27701, NIST 800-53, NIST 800-171, NIST CSF, FedRAMP, HIPAA, ISO 27001, SOC 2, CSA CCM.
- Assist in performing appropriate due diligence and Information Security and Privacy Risk Assessments of IT systems, applications, new technologies, third parties etc., and implement mitigation controls.
- Conducting Privacy Impact Assessments, developing Data Flow Diagrams, privacy-related policies and procedures etc.
- Support Information Security awareness and training programs for employees as part of their induction and regular awareness.
- Develop, in collaboration with other teams, information security processes and procedures, and continuously improve security aspects of operating processes.
- Additional responsibilities include risk, controls, and compliance management, supporting BC/DR audit and examination activities, and development & maintenance of policies, standards & procedures that are aligned with best practices.
- Familiarity with infrastructure, key processes, and technology-oriented risk issues, specifically around security and privacy. Experience in Cloud Security (AWS, Azure), Linux, Microsoft Security technologies.
- 7-10 years of relevant experience in customer-facing roles in Information Security RFx, Third Party Security Assessments, Audits, and security-focused discussions.
- Exceptional communication skills, both verbally and in writing, to technical and non-technical audiences of various levels within SirionLabs or outside the organization (executives, regulators, clients, etc.).
- Deft understanding and implementation of information security standards and compliance frameworks such as ISO 27001, SOC 2, NIST 800-53, FedRAMP, IRAP etc., and privacy regulations like GDPR, CCPA, etc.
- Experience in managing & implementing privacy controls related to GDPR, conducting Privacy Impact Assessments (PIA), developing privacy policies and procedures.
- Experience in Cloud Security (preferably AWS & Azure), Linux, Microsoft O365.
- Responding to and facing customer-led Information Security and Data Privacy audits.
- Ability to understand, articulate and map client information security requirements to the organisational policies and procedures.
- BCP/DR Planning and Coordination
- Self-driven and initiator
- Ability to multi-task effectively and work under pressure
- Relationship and trust-based information security program (not authority based)
- Task finisher
Educational qualifications and certifications:
BE / B. Tech / BSc Computer Science with active CISSP / CISA / CIPP / CRISC
SirionLabs is an Equal Opportunity Employer
We value diversity in our workforce. We are an equal opportunity employer and do not discriminate based on race, colour, gender, religion, national origin, ancestry, age, disability, medical condition, genetic information, military & veteran status, marital status, pregnancy, gender identity, sexual orientation, or any other characteristics protected by local laws, regulations, and ordinances.
We also make reasonable accommodations for disabled employees and applicants as required by law.
We follow these principles in all areas of employment including recruitment, training, promotions, compensation, benefits, transfer, and social and recreational programs.