Senior Information Security Analyst-(Risk and Regulatory Tech Complainance)
Karnataka, Bengaluru, India
KreditBee
Roles and Responsibilities:
- Ensure Compliance with the Regulatory requirements w.r.t the Information and Cyber Security requirements - RBI, UIDAI, CIC, etc.
- Identify and develop the InfoSec Policy, Processes, and Procedures to incorporate the industry benchmarks / best practices and the latest trends.
- To identify, track, monitor & ensure compliance with InfoSec Policy, Regulatory, Legal & Audit requirements.
- To develop & manage InfoSec Training & awareness.
- Work with respective stakeholders to ensure that the Policy/Procedures, regulatory, legal & audit requirements for Information and cyber security are understood and implemented on a continual basis.
- Monitor & track the compliance to all relevant processes/practices to ensure that they are followed as desired.
- Liaison with internal and external Security Audits and assessments – VAPT, GDPR/ISO 27001 compliance.
- Establish continual improvement processes to mitigate identified gaps & improve overall maturity to provide adequate assurance.
- Establish security metrics based on agreed KGIs/KPIs to monitor & track compliance.
- Escalate deviations and violations on time.
- Remain updated with the latest security trends and related regulatory & legal requirements.
- To maintain the required security posture for cloud security, primarily AWS & GCP
- To maintain & improve code security & DevopsSec practices
- To maintain & improve the endpoint security, by bringing in DLP and data classification practices.
- To review and improve email, apps & network security.
- To run periodic phishing campaigns.
- To respond third-party risk assessment questionnaire
- Perform Independent Internal Audit and assessment in line with Regulatory requirements - RBI, UIDAI, CIC, V-CIP, DLG, etc.
Key Skills and Qualifications
- Bachelor of Engineering/Computer Science or equivalent from a recognized University
- The ability to interact efficiently with peers and customers is required.
- 4-6 years with relevant experience in establishing & managing InfoSec Governance and compliance.
- Should have sound knowledge & experience in developing Enterprise Frameworks, Policies, and Processes by adopting Industry Best Practices and standards like ISO27001, and Regulatory Guidelines.
- Should have strong analytical and communication skills.
- Should have sound knowledge, experience & understanding of Compliance Management.
- Should have the ability to develop and effectively measure, and present Dashboard/reports with or without GRC tools.
- Should have experience in developing InfoSec awareness programs and rendering InfoSec awareness sessions.
- An individual with 2-3 years of IT experience in Cloud Security would be preferred.
- Candidates with professional security certificates like CISA, CISM, and ISO27001 Lead Auditor would be preferred.
- A good understanding of cloud security, AWS, and GCP is a must to have.
- A good understanding of the Data Privacy Framework - GDPR, India Data Privacy Act, etc
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Job stats:
0
0
0
Categories:
Analyst Jobs
Compliance Jobs
Tags: Audits AWS CISA CISM Cloud Compliance Computer Science Endpoint security GCP GDPR Governance ISO 27001 KPIs Network security Privacy Risk assessment
Region:
Asia/Pacific
Country:
India
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.
Senior Cloud Security Engineer jobsInformation Systems Security Officer jobsInformation System Security Officer jobsInformation Security Manager jobsSenior Network Security Engineer jobsSenior Cybersecurity Engineer jobsInformation Security Specialist jobsSecurity Consultant jobsSenior Penetration Tester jobsSecurity Specialist jobsSenior Information Security Analyst jobsSenior Cyber Security Engineer jobsIT Security Engineer jobsCyber Security Specialist jobsChief Information Security Officer jobsPrincipal Security Engineer jobsInformation System Security Officer (ISSO) jobsStaff Security Engineer jobsCloud Security Architect jobsIT Security Analyst jobsCyber Security Architect jobsSecurity Operations Analyst jobsThreat Intelligence Analyst jobsCybersecurity Consultant jobsSystems Engineer jobs
GDPR jobsForensics jobsSaaS jobsEncryption jobsEDR jobsTop Secret jobsMalware jobsSDLC jobsSplunk jobsSQL jobsRMF jobsIDS jobsBash jobsIPS jobsDocker jobsIntrusion detection jobsDoDD 8570 jobsCompTIA jobsITIL jobsTerraform jobsOWASP jobsFinance jobsCRISC jobsTCP/IP jobsThreat detection jobs
VPN jobsActive Directory jobsGIAC jobsClearance Required jobsUNIX jobsAnsible jobsBanking jobsSANS jobsIT infrastructure jobsJavaScript jobsPolygraph jobsHIPAA jobsJira jobsDNS jobsMITRE ATT&CK jobsOSCP jobsGCIH jobsMachine Learning jobsSOX jobsData Analytics jobsSOC 2 jobsCCSP jobsOracle jobsSOAR jobsCISO jobs