Information Security & Data Privacy Specialist
Gurugram, Haryana, India
SirionLabs is a leading SaaS company focused on developing leading edge AI-led solutions for the legal and contract management space. Our product is trusted by Fortune 500s and major global enterprises such as Schneider, Morgan Stanley, Qantas, Unilever, IBM, Vodafone, Alstom, and Novartis, to create, negotiate, and manage +5 million contracts worth more than US$300bn across 100+ countries around the world. As a result, SirionLabs has been recognized by major industry analyst groups such as Gartner, Forrester, Spend Matters, and IDC as a leader in the contract lifecycle management (CLM) domain.
SirionLabs recently closed a US$85 million Series D funding round, which was led by Partners Group, a leading global private markets firm, along with existing investors Avatar Growth Capital, Sequoia Capital India and Tiger Global. This fresh capital infusion will help us fuel AI R&D and expand our global footprint even further.
With over 700 people working across 10+ offices in North America, Europe, and India, SirionLabs is constantly growing and expanding its global footprint.
Job Role: Information Security & Data Privacy Specialist
Years of Experience required: 7-10 years.
Work Location: Gurgaon
- Implement and Maintain compliance with data protection standards, regulations & legal requirements, including General Data Protection Regulation (GDPR), ISO 27701 - Privacy Information Management System (PIMS) and other regulations relevant for SirionLabs.
- Ensure that the organization processes the personal data of its staff, customers, providers or any other individuals in compliance with the applicable data protection rules.
- Perform periodic Privacy Impact Assessments to identify and manage privacy risks. Implement appropriate controls to mitigate unacceptable risks.
- Define, assess and review the contracts/agreements of customers and vendors for information security and data privacy related clauses/ requirements
- Respond to RFx of prospects and customers of SirionLabs and lead customer presentations and discussions on information security and data privacy topics
- Respond to information security assessments/audits performed by SirionLabs customers, external and internal auditors
- Implementation and Maintain customer contractual (MSA) information security and data privacy obligations
- Build and Maintain RFx response library
- Implement and sustain NIST compliance program.
- Plan and co-ordinate Business Impact Analysis, ongoing BCP and DR tests
- Work with internal stakeholders such as Engineering, DevOps, Customer Success, IT, Product, Finance, HR etc. for implementing controls for the respective functions and ensuring the continuous operating effectiveness of the controls.
- Prepare metrics based periodic reports and dashboards with support from the stakeholder functions for management review
- Support Information Security Governance, Operations, Compliance Programs
- Support periodic Risk Assessments based on organization information security policies, industry standards and regulations applicable to the company and its customers including, GDPR, ISO 27701, NIST 800-53, NIST 800-171, NIST CSF, FedRAMP, HIPAA, ISO 27001, SOC 2, CSA CCM.
- Support in conducting Information Security awareness and training programs for the employees as part of their induction and regular awareness
- Support information security incident management process for incident reporting, containment, resolution, and root cause analysis.
Educational qualifications and certifications:
- BE / B. Tech / BSc Computer Science. CISA, CISM, CISSP, CIPP/E preferred
- Must have - Certified Information Privacy Manager (CIPM)
- Direct hands-on experience in implementing, and managing GDPR, ISO 27701 - Privacy Information Management System (PIMS), ISO 22301 - Business continuity management systems
- Full ITGC lifecycle (implementation, sustenance, monitoring, reporting, remediating, continuous improvement)
- Facing audits - customer, regulatory, independent third party
- Managing ISMS and compliance to Privacy Regulations
- Experience of implementing/auditing Cloud Security Controls. (Preferably, AWS)
- Self-driven and initiator
- Ability to multi-task effectively and work under pressure
- Relationship and trust-based information security program (not authority based)
- Task finisher
SirionLabs is an Equal Opportunity Employer
We value diversity in our workforce, we are an equal opportunity employer and do not discriminate based on race, colour, gender, religion, national origin, ancestry, age, disability, medical condition, genetic information, military & veteran status, marital status, pregnancy, gender identity, sexual orientation, or any other characteristics protected by local laws, regulations, and ordinance.
We also make reasonable accommodations for disabled employees and applicants as required by law.
We follow these principles in all areas of employment including recruitment, training, promotions, compensation, benefits, transfer, and social and recreational programs
Tags: Audits AWS CIPP CISA CISM CISSP Cloud Compliance Computer Science DevOps FedRAMP Finance GDPR Governance HIPAA ISMS ISO 22301 ISO 27001 Monitoring NIST Privacy R&D Risk assessment SaaS Security assessment SOC SOC 2
Perks/benefits: Career development
More jobs like this
Annapolis Junction, Maryland, United … Annapolis Junction, Maryland, United States Full TimeMid Mid-levelUSD 45K - 84K * USD 45K+ *
Computer Network Defense Analyst-MidComputer Science Firewalls Forensics Intrusion detection Network security Pentesting PhD +3
Career development Team events
Explore more InfoSec/Cybersecurity career opportunities
Find open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Analysis, Cryptography, Digital Forensics and Cyber Security in general, filtered by job title or popular skill, toolset and products used.
- Open Information Security Specialist jobs
- Open Information Security Officer jobs
- Open Staff Product Security Engineer jobs
- Open IT Security Engineer jobs
- Open Head of Information Security jobs
- Open Senior Security Operations Engineer jobs
- Open Senior SOC Analyst jobs
- Open Security Consultant jobs
- Open Senior Information Security Analyst jobs
- Open Lead Security Engineer jobs
- Open Information System Security Officer (ISSO) jobs
- Open Cybersecurity Analyst jobs
- Open Infrastructure Security Engineer jobs
- Open Staff Application Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Sr. Security Engineer jobs
- Open Senior Information Security Engineer jobs
- Open Senior Infrastructure Security Engineer jobs
- Open Staff Security Engineer jobs
- Open Senior Cybersecurity Engineer jobs
- Open IT Security Analyst jobs
- Open Offensive Security Engineer jobs
- Open Senior Security Analyst jobs
- Open Senior Air Defense/BMD Subject Matter Expert jobs
- Open Electronic Warfare Advanced Tactical Trainer jobs
- Open Agile-related jobs
- Open Pentesting-related jobs
- Open GCP-related jobs
- Open Governance-related jobs
- Open Network security-related jobs
- Open Risk assessment-related jobs
- Open Forensics-related jobs
- Open SaaS-related jobs
- Open ISO 27001-related jobs
- Open Malware-related jobs
- Open Java-related jobs
- Open Vulnerability management-related jobs
- Open IDS-related jobs
- Open DevOps-related jobs
- Open Threat intelligence-related jobs
- Open Cryptography-related jobs
- Open CISM-related jobs
- Open Analytics-related jobs
- Open Kubernetes-related jobs
- Open APIs-related jobs
- Open IAM-related jobs
- Open DevSecOps-related jobs
- Open PowerShell-related jobs
- Open CISA-related jobs
- Open TCP/IP-related jobs