Information Security Officer

As an Information Security Officer at Bravura Solutions in Gurgaon (SEZ1), you will play a crucial role in supporting the implementation and operation of the organization's Information Security Management System (ISMS) within the region. Your responsibilities will include internal audit & assurance, information security risk management, policy & standards enforcement, audit & compliance, training & awareness, supply chain risk management, and security operations & incident management support. **Key Responsibilities:** - Support the implementation and operations of the ISMS within the region. - Assist in aligning with global security policies and regulatory requirements such as ISO27001, SOC2 type II, and PCI-DSS. - Identify, assess, and mitigate security risks, maintaining the risk register and tracking remediation activities. - Ensure compliance with corporate security policies, frameworks, and client-specific security mandates. - Support internal and external security audits, ensuring timely remediation of findings. - Assist in managing and responding to security incidents within the region for rapid containment and remediation. - Support the delivery of security awareness programs and phishing exercises to enhance security culture. - Collaborate with HR and other departments to embed security education in employee onboarding and training. - Support the assessment and management of security risks associated with third-party vendors and suppliers. - Assist in regular security assessments of critical suppliers and ensure security requirements are included in vendor contracts and SLAs. **Qualifications Required:** - Bachelors degree in Information Security, Computer Science, or related field (or equivalent experience). - 3+ years of experience in an information security role, preferably with regional oversight in an MSP or data processing environment. - Good understanding of ISO27001, NIST, GDPR, and other security and data protection frameworks. - Experience in security risk management, audits, compliance, and client security assurance. - Knowledge of security operations, incident response, and managed security services. - Familiarity with supply chain security and third-party risk management. - Good communication and stakeholder management skills, with experience working with clients on security matters. - Ideally security certifications such as CISSP, CISM, or CRISC are preferred. As an Information Security Officer at Bravura Solutions in Gurgaon (SEZ1), you will play a crucial role in supporting the implementation and operation of the organization's Information Security Management System (ISMS) within the region. Your responsibilities will include internal audit & assurance, information security risk management, policy & standards enforcement, audit & compliance, training & awareness, supply chain risk management, and security operations & incident management support. **Key Responsibilities:** - Support the implementation and operations of the ISMS within the region. - Assist in aligning with global security policies and regulatory requirements such as ISO27001, SOC2 type II, and PCI-DSS. - Identify, assess, and mitigate security risks, maintaining the risk register and tracking remediation activities. - Ensure compliance with corporate security policies, frameworks, and client-specific security mandates. - Support internal and external security audits, ensuring timely remediation of findings. - Assist in managing and responding to security incidents within the region for rapid containment and remediation. - Support the delivery of security awareness programs and phishing exercises to enhance security culture. - Collaborate with HR and other departments to embed security education in employee onboarding and training. - Support the assessment and management of security risks associated with third-party vendors and suppliers. - Assist in regular security assessments of critical suppliers and ensure security requirements are included in vendor contracts and SLAs. **Qualifications Required:** - Bachelors degree in Information Security, Computer Science, or related field (or equivalent experience). - 3+ years of experience in an information security role, preferably with regional oversight in an MSP or data processing environment. - Good understanding of ISO27001, NIST, GDPR, and other security and data protection frameworks. - Experience in security risk management, audits, compliance, and client security assurance. - Knowledge of security operations, incident response, and managed security services. - Familiarity with supply chain security and third-party risk management. - Good communication and stakeholder management skills, with experience working with clients on security matters. - Ideally security certifications such as CISSP, CISM, or CRISC are preferred.