Jobs

Interviews
Job Alerts
Tools

Upskill and Grow with AI

Mock Interview Practice interviews in realistic simulations

Coding Practice Improve your coding skills with challenges

Certification Earn certifications to validate your skills

AI Learning Get trained with AI expert sessions

Career Path AI insights for smarter career decisions

AI Job Match Score AI-Powered Job Match Against Your Resume and Optimize Your Resume

Career Tools and Resources

Resume Builder Build Professional Resume with Ease

ATS Friendliness Check Check Resume Friendliness for Applicant Tracking Systems

Auto Apply Apply to hundreds of jobs on any platform effortlessly

Co-Pilot (Chrome Extension) Your AI Assistant for Seamless Browsing Efficiency

Interview Questions Streamline interviews with ready-to-use questions

Salaries Discover market-driven salary insights across skillsets and geographies

Companies Explore leading companies actively hiring talent
For Employers

Home
>
Jobs in pune
>
Davies
>
Information Security Risk Officer

Information Security Risk Officer

Davies

3 years

0 Lacs

pune maharashtra india

Posted:1 day ago| Platform:

Apply

Skills Required

security risk compensation management design effectiveness controls data governance compliance agility engagement support tracking checks testing evidence analysis remediation audits addition nist evaluation drafting documentation audit assessment reporting training communication

Work Mode

On-site

Job Type

Full Time

Job Description

Department:

Location:

Compensation:

Description

We are seeking a 3 year+ experienced Information Security Risk Officer to join our second line of defence, providing independent oversight, challenge, and assurance of information security practices across the organisation. This role is critical in ensuring that information security risks are effectively identified, assessed, managed, and reported in alignment with regulatory requirements, ISO/IEC 27001 standards, and our enterprise risk management framework.Reporting to the Group Head of Information Security, you will play a key role in evaluating the design and operational effectiveness of controls that safeguard our information systems and data. You will provide objective, risk-based assurance and contribute to continuous improvement across security governance, incident management, risk management, and compliance activities.Working closely with stakeholders across IT, Risk, Legal, and Operations, you will help embed security into business processes and projects from the outset, ensuring a consistent and resilient approach to information protection.This is a hands-on, business-facing role, ideal for someone who is passionate about enabling teams to operate securely while supporting the organisation’s ability to move with agility and confidence. You’ll thrive in a dynamic environment where pragmatic risk management and proactive engagement are key to driving secure business outcomes

Key Responsibilities

Develop and maintain organisational policies and standards, applying recognised standards (ISO/IEC 27001).
Support review and tracking of information security risks, assessments, and treatment plans.
Perform spot checks or sample testing on selected security controls.
Escalate gaps and provide supporting evidence to senior management.
Monitor incidents logged by 1LOD to ensure appropriate root cause analysis and lessons learned are completed.
Track remediation activities through to closure.
Assist in gathering evidence for ISO 27001 audits, regulatory assessments, and internal assurance reviews.
Gather and prepare risk, compliance, and incident data for reporting.
Escalate issues that require senior management judgement or intervention.
Promote awareness of information security policies, standards, and risk management processes.
Act as a liaison between 1LOD divisions and the Group Information Security function.
In addition to the responsibilities listed, this role may be asked to perform other information security or risk-related activities in-line with organizational priorities.

Skills, Knowledge & Expertise

Experience

At least 3 years of hands-on experience in an information security or risk role.
Understanding of Information security and cyber risk frameworks (ISO 27001, NIST CSF, CIS).
Practical experience in Information security risk management including risk assessments, control evaluation, and reporting.
Drafting and maintaining documentation, including policies, standards, procedures, and guidance that align with security frameworks and regulatory requirements.
Experience in a 2nd Line or audit/risk assurance role within a large or complex organisation is desirable.

Education

A Bachelor’s degree or higher in Information Security, Computer Science, or related field.

Knowledge

Understanding of ISO 31000: Risk Management – Guidelines.
Strong understanding of Information Security standards and frameworks, especially:

ISO/IEC 27001 (implementation and audit)
NIST CSF
CIS Controls

Security governance and compliance (e.g. policies, standards, procedures)
Familiar with IT infrastructure, cloud services, applications, and third-party supplier risks.
Proficient in risk assessment methodology – (identification, assessment, mitigation).
Security Incident response procedures.
Regulatory and legal requirements such as:

GDPR
Data Protection Act (UK)

Skills

Strong analytical, reporting, and communications skills.
Clear and confident communicator, capable of translating complex security issues into language appropriate for both technical and non-technical stakeholders.
Audit and compliance activities, contributing to the preparation, execution, and follow-up of internal and external audits.
Able to contribute to the develop, prepare, and deliver of security awareness training and educational materials to a diverse audience.

Ability

To perform and document information security risk assessmentsCollaborative team player, comfortable working with IT, Legal, HR, Risk, and operational teams.To lead small-scale initiatives and driving continuous improvement across security activities.Quick learner with a growth mindset, able to adapt and be flexible.Strong understanding of Information security and cyber risk frameworks (ISO 27001, NIST CSF, CIS)Proven experience in information security and risk management.Excellent English communication skills (written and verbal).Relevant professional certification(s) (at least one of the following):

CRISC – Certified in Risk and Information Systems Control
CISA – Certified Information Security Auditor
ISO/IEC 27001 Lead Implementer/Auditor

Not all required but valued:

CISM – Certified Information Security
CRISC – Certified in Risk and Information Systems Control
CISA – Certified Information Security Auditor
ISO/IEC 27001 Lead Implementer/Auditor

More Jobs at Davies

Team Leader - Claims Administrator

Pune, Maharashtra, India

5 - 8 yrs

Salary: Not disclosed

Sr. Data Analyst - Supply Chain

Pune, Maharashtra, India

Experience: Not specified

Salary: Not disclosed

Transportation Admin

Pune, Maharashtra, India

Experience: Not specified

Salary: Not disclosed

Quality Assurance Processor

Pune, Maharashtra, India

Experience: Not specified

Salary: Not disclosed

Admin – File Opener

Pune, Maharashtra, India

Experience: Not specified

Salary: Not disclosed

Mock Interview

Practice Video Interview with JobPe AI

Start Job-Specific Interview

Start Your Job Search Today

Browse through a variety of job opportunities tailored to your skills and preferences. Filter by location, experience, salary, and more to find your perfect fit.

Job Application AI Bot

Apply to 20+ Portals in one click

Download Now

Download the Mobile App

Instantly access job listings, apply easily, and track applications.

Enhance Your Skills

Practice coding challenges to boost your skills

Start Practicing Now

Davies

Login to

Please Verify Your Phone or Email

Confirm Action

Information Security Risk Officer