Information Security and Compliance Specialist (BFSI) PeopleGene

5.0 - 9.0 years

0 Lacs

pune, maharashtra

On-site

You are a proactive Security & Compliance Lead responsible for overseeing and executing security audits and compliance efforts for applications, infrastructure, and organizational processes. Your role is crucial in ensuring that systems, applications, and business operations are secure, compliant, and in alignment with internal policies and regulatory requirements such as RBI, ISO 27001, and SOC 2 Type II. Your key responsibilities include conducting technical assessments for new BFSI clients, completing cloud infrastructure security and compliance questionnaires, mapping customer security and regulatory requirements to internal controls, maintaining documentation for BFSI assessment artifacts, managing security questionnaires from clients, vendors, and partners, evaluating vendor security and compliance, identifying security risks within the company's IT infrastructure, ensuring compliance with security standards, collaborating with internal teams to maintain compliance with legal and regulatory requirements, developing and maintaining internal security policies and procedures, preparing detailed reports on security assessments and risk analysis, providing recommendations to enhance security measures, educating internal staff and external partners on security best practices, and supporting pre-sales and onboarding teams with assessment documentation. To excel in this role, you should ideally possess a Bachelor's degree in computer science, Information Security, Data Science, or a related field, along with at least 5 years of experience in Audit/compliance, application security assessments, and AWS cloud security, preferably in the BFSI domain. Additionally, having at least 2 years of experience in AWS cloud security and risk assessments, expertise in AWS cloud infrastructure, familiarity with secure coding practices, vulnerability management, and threat modeling, and exposure to information security standards like ISO 27001, SOC 2, and RBI cybersecurity framework are beneficial. Good to have qualifications include familiarity with data protection and encryption methodologies, the ability to explain security configurations and policies in simple terms, experience with security controls, vulnerability scanning tools, and SIEM, as well as exposure to security tools such as network firewall and IPS/IDS. Overall, your role as a Security & Compliance Lead is pivotal in ensuring the security and compliance of the organization's IT infrastructure, applications, and services while staying updated on AWS best practices, shared responsibility model, and evolving cloud security trends.,

Posted 3 days ago

Apply

Start Your Job Search Today

Browse through a variety of job opportunities tailored to your skills and preferences. Filter by location, experience, salary, and more to find your perfect fit.