Director : Information Security
Location : Bengaluru
- This job requires you to be an IC as well as a leader who will be involved in all infosec aspects both for our banking clients and internal.
- Your role would involve and not limited to the following Implement, manage, and maintain information security related compliances such as ISO 27001, GDPR, SOC 2 & 3, PCIDSS, etc.
- Conduct periodic risk assessments and internal audits Maintain compliance related documents across all scoped functions; Provide continuous support to the teams in their compliance journey
- Perform ongoing refactoring of implemented controls Lead compliance audits and close of non-conformances and suggestions Liaise closely with the IT and Engineering team to implement best in class information/data security/privacy controls Identify opportunities to adopt innovative technologies and best practices
- Be the information security SPOC for our external banking clients for cyber security related queries and closure.
- You should be able to prepare detailed data flow diagrams and documents for both clients and internal Face ISO27001, PCIDSS audits conducted third parties and banks
- Build a team of security officers to dedicatedly work for each of our banking clients for maintaining compliance and supporting banks queries.
What you will need 12+ years of experience in implementation and maintenance of information security related compliances
- Excellent understanding of IT and SDLC processes Excellent communication skills; Should be able to communicate complex and dry IT topics in a fun way Very good understanding of cloud architecture/technologies like kubernetes, docker, infrastructure as a code etc is a plus Theoretical understanding of cloud platforms like AWS and GCP is a must.
- You should be able to communicate efficiently with devops teams Exposure to ISO 27001 and PCI DSS is a must Should be proficient conducting internal audits Understanding of security engineering ( VAPT, devsecops etc ) and tools ( like Palo alto ) is required.
- Should be able to liase with security engineering teams, vendors ,incident response teams for smooth implementation of compliances.
Didn’t find the job appropriate? Report this Job