AVP - Cyber Security & GRC

8 - 13 years

32 - 37 Lacs

Posted: 8 months ago | Platform: Naukri

Work Mode

Work from Office

Job Type

Full Time

Job Description


We are looking for a highly experienced Cyber Security GRC professional who is passionate about implementing and operating enterprise-level information security and risk management frameworks within the organization. You will join a dynamic and fast-paced environment and work with cross-functional teams to design, build and roll out products that deliver the company's vision and strategy.
Experience
8+ Years
Pune
Alright, so you're sold. But who are we?
Diversity and humility are not just big words hung up on the walls. At CredAble, we put people at the heart of everything we do and our core values are the driving force behind our success.
CredAble is an NBFC technology-powered supply chain funding solutions company. Leveraging our trade finance expertise, technology platform, and access to 3rd party capital, we arrange funding programs for enterprise supply chains and do direct lending to SMEs. Led by a team of industry experts, CredAble is at the forefront of powering tech-enabled working capital financing. Programs are anchored around enterprise clients, where we provide funding linked to transactions with suppliers (payables) and distributors (receivables). We are a Series B funded startup with Axis Bank Limited as a strategic investor.
You will be responsible for:
  • Partner with CISO to run a global, enterprise-wide cybersecurity risk and compliance strategy aligned with organizational priorities, business objectives, regulatory requirements, and evolving risks.
  • Lead and grow a team of cybersecurity professionals, managing risk, compliance, assessments, reporting, metrics, policy, awareness, and third-party risk management.
  • Oversee risk and threat-based information security programs ensuring confidentiality, integrity, availability, and privacy.
  • Manage enterprise-wide compliance, risk assessment, reporting, cybersecurity policies, third-party risk management, and security training programs.
  • Conduct information security audits, respond to external questionnaires, RFPs and collaborate with control entities (Audit Partners, Enterprise Risk Management, Legal Compliance, regulators, and financial institutions).
  • Work with the Cloud Security Operations team on incident management, security architecture, vulnerability management, threat intelligence, advisory, and identity and access management.
  • Assess security controls, identify improvement opportunities, and communicate recommendations.
  • Perform risk assessments against third parties to ensure proper compliance against regulatory requirements.
  • Manage annual ISO 27001 internal audits, remediation tracking, evidence collection, and risk identification.
  • Lead the creation of Information Security Policies, technical standards and procedures for secure technology configuration and implementation.
  • Manage the company-wide information security awareness program to foster a security mindset across leadership, employees, contractors, and third parties.
  • Stay updated on security changes impacting regulatory, privacy, and industry best practices.
You will be reporting to:
Chief Information and Security Officer.
What will you bring to the table?
  • 8 or more years of knowledge and understanding of information security management frameworks and various regulatory requirements such as DPDPA, GDPR, and information security and compliance standards including ISO 27001, SOC 2 etc.
  • Strong knowledge of security frameworks including NIST CSF, controls, and audit techniques.
  • Strong ability to identify needs, take initiative, and prioritize work efforts, balancing operational tasks with longer-term strategic security efforts.
  • Strong technical background with a consistent record of delivering results, validated leadership, communication as well as critical thinking skills, creative and flexible problem solver.
  • Strong interpersonal skills and the ability to interact strategically and confidently with internal partners to develop ideas, find opportunities, and influence outcomes.
  • Certifications: CISSP, CISA, CISM.
The educational qualification you'll need:
Bachelor's or Master's degree in Computer Science, Engineering, or a related field.
Besides making the best move of your career, what's in it for you?
  • Working in a highly entrepreneurial setup with a visionary team passionate to help scale new heights of business success.
  • Exposure to exploring limitless possibilities and ideas no matter how impossible they may seem today.
  • CredAble thrives on transparency and a culture to nurture growth.
  • Being part of CredAble enables you to push beyond the ordinary.