Support and advise on Information Security Management System (ISMS) and associated controls;
Support and advise on management of risk and provide a transparent view of risk posture to stakeholders;
Support and advise on compliance with relevant control standards, regulation and audit requirements;
Provide Information Security Risk Assessment function to the business.
Responsible for the oversight and monitoring of riskin line with the ISMS;
Collaborates with security and audit teams to ensure controls are operating in line with policies.

Key Responsibilities :

Document and monitor risk and control environment to identify existing and emerging risks and issues;
Evaluate and document issues related to changes in the risk environment and risk priorities;
Identify and aggregate thematic risk related to findings and trends, e.g. regulatory preparedness, thematic concerns;
Engage Internal Audit to discuss risk posture and audit inputs;
Communicate heightened risk that is relevant to stakeholders and customers to ensure transparency and appropriate prioritization for remediation;
Understand legal and regulatory obligations relevant to the product and how the processes and associated controls provide evidence of compliance;
Partner with business stakeholders to respond to customers, external audit and regulatory requests for information;
Educate and advise on security policy, standards and procedures;
Manage and maintain external certification activities.

Required Skills, Qualifications, and Experience :

Working within the technical financial services industry, or other highly regulated industries
Information security management, governance, and compliance principles, practices, laws, rules and regulations, e.g. NIST, ISO, NIS, DORA and GDPR;
Information technology systems and processes, network infrastructure, data architecture, data processes and protocols;
Cyber and cloud security standard frameworks, architecture, design, operations, controls, technology, solutions, and service orchestration, e.g. CIS, CSF;
Information systems auditing, monitoring, controlling, and assessment process;
Incident response management, e.g. ITIL;
Risk assessment and management methodology, e.g., NIST, ISO 27005;
Security training techniques and reporting activities.
Developing and implementing enterprise governance, risk, and compliance strategy and solutions;
Researching and understanding security information related to internal and external organizations using online and other sources;
Management of technology vulnerability and threat information;
Security project management and planning;
Risk management, information security and audit management lifecycles.

More Jobs at Ion

ION A Platform - Information Security Analyst

delhi, delhi, india

2.0 - 5.0 yrs

INR 2 - 5 Lacs

Senior Business Consultant - Allegro

noida, uttar pradesh, india

3.0 - 7.0 yrs

INR 3 - 7 Lacs

ION A Platform - M&A Analyst

mumbai, maharashtra, india

1.0 - 5.0 yrs

INR 1 - 5 Lacs

Smalltalk Developer

delhi, delhi, india

8.0 - 13.0 yrs

INR 8 - 13 Lacs

Smalltalk Developer

bengaluru, karnataka, india

8.0 - 13.0 yrs

INR 8 - 13 Lacs

Mock Interview

Practice Video Interview with JobPe AI

Start Job-Specific Interview

Start Your Job Search Today

Browse through a variety of job opportunities tailored to your skills and preferences. Filter by location, experience, salary, and more to find your perfect fit.