Who We Are
Sirion is the world’s leading AI-native CLM platform, pioneering the application of generative AI to help enterprises transform the way they store, create, and manage contracts. The platform’s extraction, conversational search, and AI-enhanced negotiation capabilities have revolutionized contracting across enterprise teams – from legal and procurement to sales and finance. The world’s most valuable brands trust Sirion to manage 7M+ contracts worth nearly $800B and relationships with 1M+ suppliers and customers in 100+ languages. Leading analysts such as Gartner, IDC, and Spend Matters have consistently recognized Sirion as a leader in CLM for its focus on category-leading innovation.
Role Title: Information Security and Data Privacy GRC Professional
Team: Information Security
Location: Gurgaon/Bangalore
Reports To: CISO
About The Role
We are looking for experienced professionals in Information Security and Data Privacy Governance, Risk, and Compliance (GRC) to join our team. The ideal candidate will possess a deep understanding of information security frameworks, risk management practices, and data privacy regulations. This role requires a hands-on, proactive approach in ensuring our organization’s security and privacy standards align with both internal policies and external regulations. As a part of this role, you will be responsible for designing and implementing GRC strategies, managing security audits, and ensuring compliance with data protection regulations, while working closely with cross-functional teams.
What You’ll Do
Governance, Risk, and Compliance (GRC):
- Develop, implement, and maintain GRC strategies, policies, and frameworks across the organization.
- Conduct risk assessments, including vendor, third-party, and internal assessments, to identify and mitigate information security and privacy risks.
- Ensure compliance with industry standards and regulations, such as GDPR, HIPAA, ISO 27001, SOC 2, PCI DSS, etc.
- Monitor and manage the organization's compliance with internal and external security and privacy policies.
- Facilitate internal and external audits and assessments, providing necessary documentation and support.
Data Privacy
- Oversee data privacy initiatives, including data classification, data governance, and privacy impact assessments (PIAs).
- Implement and maintain privacy policies, ensuring adherence to global regulations such as GDPR, CCPA, and other regional data protection laws.
- Serve as the subject matter expert for data privacy issues and collaborate with legal teams to address regulatory inquiries.
Risk Management
- Identify, assess, and prioritize risks related to information security and privacy across various business units.
- Develop and implement risk mitigation plans and controls to minimize the impact of potential threats.
- Monitor and report on the effectiveness of controls and risk treatment plans.
Security Awareness & Training
- Develop and deliver security awareness training programs to employees, emphasizing data privacy, information security best practices, and regulatory compliance.
- Promote a culture of security awareness across the organization through workshops, seminars, and regular communication.
Collaboration & Leadership
- Work closely with cross-functional teams including IT, Legal, Engineering and Product to drive security and privacy initiatives.
- Provide leadership and guidance to junior team members and stakeholders, ensuring alignment with the organization's security objectives.
What You’ll Need
Certifications (Preferred):
- Certified Information Systems Security Professional (CISSP)
- Certified Information Security Manager (CISM)
- Certified Information Systems Auditor (CISA)
- Certified Data Privacy Solutions Engineer (CDPSE)
- ISO 27001 Lead Implementer / Auditor
- GDPR Certification
Soft Skills
- Strong leadership and decision-making skills.
- Excellent verbal and written communication skills.
- Ability to work in a fast-paced, dynamic environment.
Commitment To Diversity And Inclusion
We are an equal opportunity employer committed to diversity and inclusion. We do not discriminate based on race, color, gender, religion, national origin, ancestry, age, disability, medical condition, genetic information, military or veteran status, marital status, pregnancy, gender identity, sexual orientation, or any other protected characteristic. We provide reasonable accommodations for disabled employees and applicants as required by law. These principles apply to all aspects of employment, including recruitment, training, promotions, compensation, benefits, transfers, and social programs.
Excited about this opportunity?
We’d love to hear from you! To apply, simply visit our Careers at Sirion page and follow the easy steps to submit your application.