SME Security Risk and Compliance

0 years

9 Lacs

Posted: 2 days ago | Platform: GlassDoor

Work Mode

On-site

Job Type

Part Time

Job Description

Grow with us

Our Excellent Opportunity!!
Senior Manager - Security Risk & Compliance is responsible for ensuring that the company's processes and systems are monitored and evaluated to meet compliance requirements. Some of the responsibilities include:
  • Regulatory Intelligence - Monitor and analyse regulatory policies, notifications, and guidelines.
  • Compliance - Developing and implementing policies and procedures that ensure compliance with regulatory and ethical standards.
  • Risk management - Identifying and mitigating compliance risks and supporting annual risk assessments.
  • Advisory - Providing guidance to business teams on regulatory compliance.
  • Audits - Conducting compliance reviews and audits and performing due diligence screening on third-party engagements.
  • Decision-making - Overseeing key decision points to ensure appropriate decisions are made.
  • Program management - Working internally with key stakeholders to drive the compliance program, covering impact assessment of regulatory requirements and identification of risks.
Security Compliance landscape
The security landscape is dynamically evolving from a regulatory perspective. Since security is a cross-cutting issue, India has a complex inter-ministerial and inter-departmental institutional framework, with several ministries, departments and agencies performing key functions.


Join our Team

India's cyber security compliance requirements include:
  • Communication Security Certification Scheme (ComSec), notified in 2020, follows the Indian Telecom Security Assurance Requirements (ITSAR) and mandates testing in designated Telecom Security Test Labs (TSTL) accredited by the National Centre for Communication Security (NCCS).
  • Telecom Cybersecurity Rules 2024 - These rules expand the scope of data collection, increase the responsibilities of telecom entities, and introduce new roles and reporting requirements. They also emphasize a proactive approach to cybersecurity, with a focus on continuous monitoring, rapid response, and coordination between the government and telecom entities.
  • Information Technology (The Indian Computer Emergency Response Team and Manner of Performing Functions and Duties) Rules, 2013 (2013 rules) established the Computer Emergency Response Team (CERT-In) and put in place obligations on intermediaries and service providers to report cybersecurity incidents to the CERT-In.
  • Directions on information security practices, procedure, prevention, response and reporting of cyber incidents for a safe and trusted internet, issued in 2022 by the CERT-In, add to and modify existing cybersecurity incident reporting obligations under the 2013 rules.
  • Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011 (SPDI rules) require companies that process, collect, store or transfer sensitive personal data or information to implement reasonable security practices and procedures.
  • The Information Technology (Guidelines for Intermediaries and Digital Media Ethics Code) Rules, 2021, require intermediaries to implement reasonable security practices and procedures to secure their computer resources and information, maintaining safe harbour protections. Intermediaries are also mandated to report cybersecurity incidents to the CERT-In.
  • Information Technology (Information Security Practices and Procedures for Protected System) Rules, 2018, oblige companies that have protected systems – as defined under the IT Act – to put in place specific information security measures.
  • Data localization - Mandatory data localization is a key provision of the 2024 Cyber Security Regulations in India.
  • Incident reporting and response - All entities are required to report cybersecurity incidents to the Computer Emergency Response Team (CERT-In) within six hours of becoming aware of them.
  • Cyber security audits and compliance - Cyber security audits and compliance are key provisions of the 2024 Cyber Security Regulations in India.
  • National Critical Information Infrastructure Protection Centre (NCIIPC) - The NCIIPC was launched by the Indian government in 2014 and is under the Prime Minister's Office (PMO).

Ericsson

Telecommunications

Kista Stockholm
