Project Lead - Data Security & Protection

Position Vacant: Project Lead- Data Security and Protection

No. Of Vacancies: 1

Organization Name: Confidential

Company Profile (Industry, Size, Products/Services, Standing in India/World etc.) World's largest leadership advisory, research and consulting firm, having presence in 40+ countries, with 60+ offices worldwide.

Job Description / Responsibilities:

- Provide response to Data Security and Protection Requests for client proposals (RFP), audit questionnaires and other documents to EgonZehnder clients from an IT and data privacy perspective as received from business or legal team

- Work closely with various IT functions and Legal team to ensure that technical knowledge is maintained, and that RFP and other client response can be accurately and timely answered

- Collaborate cross-functionally with roles such as IT infrastructure, Digital/application development, and Legal to identify and highlight gaps and risks around Cybersecurity and Data Protection such as GDPR

- Adopt new controls and align cybersecurity policies as per well-known standards e.g. ISO 27001 for reduced scrutiny and quick closures of RFPs

- Maintain an internal RFP knowledgebase which can be referenced by regional offices and other support functions if required

- Actively participate in running internal data security and protection audits, which includes assessment and gap analysis of current IT security policies, processes, systems and controls.

- Assess risk imposed by technical solutions and advise business of security standards, best practice and solutions to address data security and protection risk

Desired profile of the candidate :

- Experience in RFI and RFP response in the area of Cyber Security Solutions including infrastructure security, security monitoring /analytics / incident-response, risk & compliance management, identity & access management and data security solutions

- Minimum 8+ years of Information Security, vendor risk management and/or other risk management experience preferably in banking or financial services industry

- Experience and affinity with data privacy laws namely GDPR

- Familiar with regulatory and industry standards such as NIST, ISO 27001 etc. and SOC1/SOC2 audit reports

- Ability to answer complex risk assessments and questionnaires across all domains of IT Security

- Understanding of enterprise security systems (e.g., Firewalls, VPN, SEIM), security threats and related risks, data loss prevention, malware protection etc.

- Ability to adapt to a fast-moving IT landscape and keep pace with the latest thinking and new security technologies

- Capability to understand, analyze, and interpret legal, contractual language, and summarize findings in concise, articulate manner

- Ability to be discrete and maintain confidentiality with respect to agreement contents and other highly sensitive business matters and projects

Level of designation (Managerial/Non Managerial) : Project Lead

Functional area - IT Security

Industry: IT and Consulting

Desired work experience (in complete years):

Minimum: 8

Maximum: 20

Compensation Offered: 20-30 LPA

Location of posting: Gurgaon