Principal - Information Security & @ Symphoni HR

Job Description

Company Description ValuEnable is an InsureTech company which offers multi-stack enterprise solution to Life Insurance companies in India to collaborate and deliver superior customer service and achieve higher business retention. Our solution includes the Content and Delivery Stack, Policy Loan Marketplace, and Policy Assignment Platform. We are led by founders with years of deep industry experience and are supported by Rainmatter Fintech Investments and a group of angels. Role Description This is a full-time on-site role located in Mumbai for a Principal in Information Security & Compliance/Governance. The Principal will be responsible for ensuring that ValuEnable's enterprise solution complies with information security regulations and enforces compliance and security policies to ensure compliance with industry standards and regulatory requirements and clients InfoSec objectives. The Principal will also monitor the company's risk and provide recommendations to senior. management. Qualifications Bachelor's degree in Information Systems, Computer Science, or a related field 8+ years of experience in information security and compliance Deep knowledge of information security standards, regulations, and best practices Experience with security and risk management frameworks, such as ISO 27001, CIS Critical Security Controls, and NIST Cybersecurity Framework Experience with auditing and assessing compliance for enterprise systems and third-party vendors Excellent communication and collaboration skills Strong analytical and problem-solving skills Key Responsibilities 1) Control Framework Management: Develop, implement, and maintain a robust IT and InfoSec control framework. Regularly assess and update controls to mitigate risks and enhance security posture. Compliance and Regulatory 2) Governance: Ensure compliance with relevant industry standards and regulatory requirements. Stay abreast of changes in regulations and implement necessary controls to address new requirements and inculcate automated control reports of severe risk controls 3) Risk Assessment: Conduct regular risk assessments to identify and prioritise potential threats. Collaborate with cross-functional teams to develop and implement risk mitigation strategies. 4) Incident Response: Lead the development and maintenance of an effective incident response plan. Coordinate with internal teams to respond to and recover from security incidents. Policy Development and Enforcement: Develop and update IT and InfoSec policies in line with industry best practices. Enforce compliance with policies through regular audits and training programs. 5) Change Management: Develop and implement effective change management processes for IT and InfoSec controls. Ensure that changes to systems, processes, and policies are assessed for security implications and comply with established controls. 6) Vendor Risk Management: Evaluate and manage risks associated with third-party vendors. Work closely with procurement and legal teams to ensure vendors meet security requirements. Interested candidate can write to hidden_email and hidden_email, along with your latest resume, earliest data of joining. Regards, ValuEnable

Employement Category:

Employement Type: Full time
Industry: Others
Role Category: Securities TradingAudit
Functional Area: Not Applicable
Role/Responsibilies: Principal - Information Security &

+ View Contact

Keyskills:   Information Security Compliance Governance Risk Management Auditing Communication Collaboration Analytical Skills Problemsolving