This job is expired.


Information Security Engineer(grc)

India, Bengaluru
Last update 2024-06-21
Expires 2024-06-21
ID #2186609993
Information Security Engineer(grc)
India, Bengaluru,
Modified June 8, 2024


Job Description

Develop and finalize policies, procedures, and guidelines related to IT and Infosec domains in alignment with industry best practices (ISO 27001 and ITIL)
Align internal IT and Infosec processes as per RBI IT and security guidelines
Assist IT and Infosec Team in defining the key metrics for management reporting
Develop of cyber security standards, including incorporating industry practices and applicable compliance requirements
Maintain the the security risk register and related policies
Maintain the inventory of IT vendors as per regulatory guidelines.
Develop review checklists, questionnaire, and manage evidences to assist the IT vendor risk management process
Perform 3rd party security due-diligence reviews and periodic vendor risk assessments to assess vendor compliance.
Coordinate with external stakeholders and auditors for IT and Infosec related reviews
Coordinate for conducting periodic penetration testing exercises on in-scope applications and related infrastructure. Coordinate with stakeholders for timely closure of open risks.
Assist in imparting security awareness training and executing phishing simulation exercises to employees.
Assist IT and Infosec in gathering the metrics data and prepare management dashboards
Lead the periodic IT and Infosec governance review meetings and gather feedback for improvement
Assess the existing IT and Infosec processes and provide recommendations to improve
Identify opportunities for IT and Infosec governance automation and lead the continuous compliance initiatives
Support cross-entity teams/group entities to mirror the best practices implemented at the parent entity
Develop templates for incident reporting and manage artifacts. Assist during incident investigation and collaborating with stakeholders.

Key Areas: ISO 27001, security governance, vendor security due-diligence, vendor security reviews and assessment, preparation of security checklist, security awareness/phishing simulation, management dashboards, manage key metrics for IT and Infosec,
Certifications: good to have - ISO 27001, ITIL
Should have 5 - 7 years of experience in information security domain and minimum should have 4 of years in overall IT and Infosec governance related activities.
Must have sound knowledge in defining processes, developing policies, procedures, and guidelines, and preparing management reporting dashboards.
Must have experience in guiding teams with respect to RBI IT guidelines
Developing and implementing enterprise governance, risk, and compliance strategy and solutions
Ability to document and explain details in a concise & understandable manner
Industry recognized certificates relevant to the roles such as ITIL, ISO 27001 are desired
Ability to lead complex, cross-functional projects, and problem-solving initiatives.
Passionate about IT/information security and update knowledge on daily basis to support the organization
Candidates must have excellent verbal and written communication skills
Familiarity with industry standards and regulations including PCI, ISO27001, CIS, NIST is desired.
Candidates from BFSI experience will be preferred
Fair understanding of public cloud models (e.g. AWS, Google, Microsoft Azure) and their security implications

Candidate should be a good team player
Should have good interpersonal skills
Good written communication skills including ability to develop process documentation and security guidelines.
Ability to apply critical thinking and logic to a wide range of intellectual and practical problems
Ability to maintain composure under pressure and work calmly during an emergency
Ability to manage multiple tasks and schedules

Job details:

Job type: Full time
Contract type: Permanent
Salary type: Monthly
Occupation: Information security engineer(grc)

⇐ Previous job

Next job ⇒     


Contact employer

    Quick search:


    Type city or region