Indusface - Manager - Risk & Compliance

Responsibilities:

- Assist to Implement, maintain, and manage security compliance frameworks, including ISO 27001, PCI DSS, SOC2 Type2, GDPR, DPDPA and other regulatory standards.

- Act as a liaison with product vendors, conduct Proof of Concepts (POC), and generate reports on findings.

- Be the conduit between Customer Audit teams and Indusface internal teams.

- Represent the organization for 2nd party audits by customers.

- Third-party risk management audits.

- Assist in conducting internal security audits to identify risks and ensure compliance with organizational policies.

- Assist in performing risk assessment and management, identifying vulnerabilities, and recommending mitigation strategies.

- Be a versatile player for security compliance, addressing queries and ensuring adherence to best practices.

- Assist in preparing and deliver internal presentations on the organizations security posture and compliance status.

- Assist in developing, review, and update security policies and procedure documents to align with industry standards.

- Manage and maintain the security review and audit charter, ensuring all compliance activities are well-documented.

Candidate Profile:

- Bachelors degree in information security, Cybersecurity, IT, or a related field.

- 5+ years of experience in security compliance, risk assessment, or IT security audits.

- Knowledge of ISO 27001, PCI DSS, and other compliance frameworks.

- Experience conducting risk assessments and internal audits.

- Ability to analyze security risks and recommend mitigation strategies.

- Documentation and policy-writing skills.

- Excellent communication and presentation skills.

- Ability to work independently and collaborate with cross-functional teams.

- Exposure to GRC tools is needed

- Certifications such as CISSP, CISA, CISM, or ISO 27001 Lead Auditor.

- Hands-on experience with security tools and technologies