BISO (Senior Level Manager)
Gurgaon
Fractal
It's fun to work in a company where people truly BELIEVE in what they are doing!
We're committed to bringing passion and customer focus to the business.
Business Information Security Officer
Gurgaon, India
Job Description
Role Overview
We are seeking a highly skilled and experienced Security GRC to join our dynamic team. The candidate will be responsible for designing, managing, and enhancing our cyber defense strategy, with a focus on risk and compliance.
Key Responsibilities
Governance, Risk, Compliance (GRC) and Investigations:
- Maintain a comprehensive GRC framework aligned with industry standards, regulatory requirements, and organisational objectives.
- Provide strategic direction and oversight for all aspects of governance, risk management and compliance activities in Fractal.
- Develop and implement policies and procedures to promote a culture of compliance across Fractal.
- Help the business address client security requirements for new engagements and help conduct risk assessments for existing business processes.
- Ensure that policies are effectively communicated, understood, and enforced.
- Conduct risk assessments to identify and prioritise risks across Fractal. Develop and implement risk mitigation strategies and controls to minimise exposure to potential threats and vulnerabilities.
- Conduct internal audits and assessments to evaluate the effectiveness of security controls. Collaborate to address findings and remediate any identified deficiencies.
- Manage external audits and compliance for certifications including ISO 27001, SOC 2 Type 2, PCI DSS and cloud security-related audits.
- Develop and deliver training programs and materials to educate employees on GRC policies, procedures, emerging threats, and best practices.
- Promote awareness of compliance requirements through regular communication and training initiatives.
- Develop and execute a comprehensive data monitoring strategy and tool to detect anomalies, unusual patterns, and suspicious activities.
- Protect sensitive data and mitigate the risk of data loss or leakage.
- Lead efforts to implement fraud prevention measures, controls, and procedures to mitigate fraud risks and protect company assets.
- Oversee employee investigations, ensuring compliance with legal and regulatory requirements. Collaborate with Legal and HR teams to address fraud and employee investigation matters.
- Evaluate security posture of vendors and third-party partners through due diligence assessments and establish a process for ongoing monitoring.
- Stay up to date and informed on developing regulatory concerns and changing IT and information security trends.
Required Skills:
- Proven experience in managing GRC and risk management roles with at least 10 years of relevant experience.
- Strong knowledge of:
  - Applicable information security management, governance, and compliance principles, standards, practices, laws, rules, and regulations (ISO 27001, PCI DSS, NIST, GDPR, CCPA, IT Act, etc.).
  - Cyber and cloud security standard frameworks, architecture, design, operations, controls, technology, solutions, and service orchestration.
  - Information systems auditing, monitoring, controlling, and assessment processes.
  - Risk assessment and management methodology.
- Detail-oriented, ability to consistently provide high-quality products that are concise, thorough and accurate.
- Strong attention to detail with an analytical mind and outstanding problem-solving skills.
- Excellent leadership, communication, and interpersonal skills with the ability to effectively engage and influence stakeholders at all levels of the organisation.
Disclaimer
This job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee. Fractal reserves the right to change the job duties, responsibilities, expectations, or requirements posted here at any time at the Company’s sole discretion, with or without notice.
If you like wild growth and working with happy, enthusiastic over-achievers, you'll enjoy your career with us!