Information Security Manager

Role Details

Position: Information Security Manager

Location

About SCRUT Automat

Scrut Automation is a one-stop shop for infosec compliance. It supports IT/ITES/SaaS companies in automating their information security compliance tasks and reduces manual work in maintaining compliance by ~70%. Founded by IIT/ISB/McKinsey alumni, the founding team has over 15 years of combined Infosec experience. Scrut is backed by Lightspeed Ventures and Endiya Partners, along with prominent angels from the global SaaS community.

The Scrut platform provides the fastest solution for achieving and maintaining compliance across global standards, including but not limited to SOC 2, ISO 27001, GDPR, HIPAA, PCI-DSS, or CCPA, through its truly 'single window' operations. Scrut acts like an organization’s virtual CISO, so they can focus on their business and leave compliance to Scrut.

Overview of the Job Profile

This position is responsible for establishing and maintaining a corporate-wide information security management program to ensure that information assets are adequately protected.

Responsibilities

• Understanding the Policies and Procedures of the Client and suggesting improvement points related to Information Security.
• Understanding the setup of the Cloud Infrastructure of Clients and suggesting improvement points related to Information Security.
• Preparation of Policies and Procedures for Information Security.
• Impart training on Information Security.
• Performing Infosec Internal Audits covering all departments as per ISO 2700,SOC 2/GDPR requirements.

Requirements

• Degree in Engineering (Computer Science/IT) /MCA/ Business administration in a technology-related field required.
• Minimum of 3-5 years of experience in Information security, Governance, Risk and Compliance
• Understanding of Unified/Secure Controls Framework.
• Exposure to one or more infosec audits and implementation like ISO 27001/SOC 2/GDPR/PCI DSS isa must.
• Exposure to one or more privacy audits and implementation like ISO 27701/GDPR is a must.
• Professional security management certification (Like ISO 27001 Lead Auditor / Lead Implementer Certification or CISA or CISSP) will be an added advantage.
• Knowledge of security controls of AWS / Microsoft Azure / GCP will be an added advantage.
• Excellent written and verbal communication skills and a high level of personal integrity.
• Innovative thinking and leadership with an ability to lead and motivate cross-functional, inter disciplinary teams.
• Regulatory Compliance like SAR-DL, PPI, PAPG, RBI Master Guidelines, IRDA related requirements.
• Knowledge on ISO 42001 would be an added advantage.

Why should this job excite you?

• Opportunity to make an early impact on one of the most promising, high-growth SaaS startups in India.
• A high-performing action-oriented team.
• Opportunity to shape the future of B2B SaaS with YOUR innovative ideas.
• The competitive compensation package, benefits, and employee-friendly work culture.