Information Security & Data Privacy Specialist
Gurugram, Haryana, India
Applications have closed
About SirionLabs:
SirionLabs is a leading SaaS company focused on developing leading edge AI-led solutions for the legal and contract management space. Our product is trusted by Fortune 500s and major global enterprises such as Schneider, Morgan Stanley, Qantas, Unilever, IBM, Vodafone, Alstom, and Novartis, to create, negotiate, and manage +5 million contracts worth more than US$300bn across 100+ countries around the world. As a result, SirionLabs has been recognized by major industry analyst groups such as Gartner, Forrester, Spend Matters, and IDC as a leader in the contract lifecycle management (CLM) domain.
SirionLabs recently closed a US$85 million Series D funding round, which was led by Partners Group, a leading global private markets firm, along with existing investors Avatar Growth Capital, Sequoia Capital India and Tiger Global. This fresh capital infusion will help us fuel AI R&D and expand our global footprint even further.
With over 700 people working across 10+ offices in North America, Europe, and India, SirionLabs is constantly growing and expanding its global footprint.
Requirements
Job Role: Information Security & Data Privacy Specialist
Years of Experience required: 7-10 years.
Work Location: Gurgaon
Job Profile
- Implement and Maintain compliance with data protection standards, regulations & legal requirements, including General Data Protection Regulation (GDPR), ISO 27701 - Privacy Information Management System (PIMS) and other regulations relevant for SirionLabs.
- Ensure that the organization processes the personal data of its staff, customers, providers or any other individuals in compliance with the applicable data protection rules.
- Perform periodic Privacy Impact Assessments to identify and manage privacy risks. Implement appropriate controls to mitigate unacceptable risks.
- Define, assess and review the contracts/agreements of customers and vendors for information security and data privacy related clauses/ requirements
- Respond to RFx of prospects and customers of SirionLabs and lead customer presentations and discussions on information security and data privacy topics
- Respond to information security assessments/audits performed by SirionLabs customers, external and internal auditors
- Implementation and Maintain customer contractual (MSA) information security and data privacy obligations
- Build and Maintain RFx response library
- Implement and sustain NIST compliance program.
- Plan and co-ordinate Business Impact Analysis, ongoing BCP and DR tests
- Work with internal stakeholders such as Engineering, DevOps, Customer Success, IT, Product, Finance, HR etc. for implementing controls for the respective functions and ensuring the continuous operating effectiveness of the controls.
- Prepare metrics based periodic reports and dashboards with support from the stakeholder functions for management review
- Support Information Security Governance, Operations, Compliance Programs
- Support periodic Risk Assessments based on organization information security policies, industry standards and regulations applicable to the company and its customers including, GDPR, ISO 27701, NIST 800-53, NIST 800-171, NIST CSF, FedRAMP, HIPAA, ISO 27001, SOC 2, CSA CCM.
- Support in conducting Information Security awareness and training programs for the employees as part of their induction and regular awareness
- Support information security incident management process for incident reporting, containment, resolution, and root cause analysis.
Educational qualifications and certifications:
- BE / B. Tech / BSc Computer Science. CISA, CISM, CISSP, CIPP/E preferred
- Must have - Certified Information Privacy Manager (CIPM)
Requirements
Expertise/experience
- Direct hands-on experience in implementing, and managing GDPR, ISO 27701 - Privacy Information Management System (PIMS), ISO 22301 - Business continuity management systems
- Full ITGC lifecycle (implementation, sustenance, monitoring, reporting, remediating, continuous improvement)
- Facing audits - customer, regulatory, independent third party
- Managing ISMS and compliance to Privacy Regulations
- Experience of implementing/auditing Cloud Security Controls. (Preferably, AWS)
Organizational skills:
- Self-driven and initiator
- Ability to multi-task effectively and work under pressure
- Relationship and trust-based information security program (not authority based)
- Task finisher
SirionLabs is an Equal Opportunity Employer
We value diversity in our workforce, we are an equal opportunity employer and do not discriminate based on race, colour, gender, religion, national origin, ancestry, age, disability, medical condition, genetic information, military & veteran status, marital status, pregnancy, gender identity, sexual orientation, or any other characteristics protected by local laws, regulations, and ordinance.
We also make reasonable accommodations for disabled employees and applicants as required by law.
We follow these principles in all areas of employment including recruitment, training, promotions, compensation, benefits, transfer, and social and recreational programs
Tags: Audits AWS CIPP CISA CISM CISSP Cloud Compliance Computer Science DevOps FedRAMP Finance GDPR Governance HIPAA ISMS ISO 22301 ISO 27001 Monitoring NIST Privacy R&D Risk assessment SaaS Security assessment SOC SOC 2
Perks/benefits: Career development
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Ethical hacker / Pentester H/F jobs
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Principal Security Engineer jobs
- Open Product Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Manager Pentest H/F jobs
- Open Cyber Security Specialist jobs
- Open Staff Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Information Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Security Specialist jobs
- Open Senior Information Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Cybersecurity Specialist jobs
- Open Security Researcher jobs
- Open Senior Security Architect jobs
- Open Sr. Security Engineer jobs
- Open Security Operations Analyst jobs
- Open CISM-related jobs
- Open ISO 27001-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open Application security-related jobs
- Open Pentesting-related jobs
- Open Agile-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open SaaS-related jobs
- Open Analytics-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open Security Clearance-related jobs
- Open DevOps-related jobs
- Open Malware-related jobs
- Open IDS-related jobs
- Open EDR-related jobs
- Open CEH-related jobs
- Open Kubernetes-related jobs
- Open Forensics-related jobs