4+ Information security Jobs in Pune | Information security Job openings in Pune

Job Brief:

 

You'll be joining Mindtickle’s InfoSec and Compliance team, which is responsible for various functions related to Security, Privacy, and Compliance around Mindtickle's rapidly growing cloud platform. You'll play a crucial role in all our compliance & information security initiatives, including but not limited to those arising from regulations (e.g., GDPR, CCPA, UK DPA 2018, FINRA), audit requirements (e.g., SOC 2, HIPAA), and customer/ prospects requests (typically large enterprises).

 

As Data Privacy & Compliance Manager, you will champion the highest data privacy standards and drive forward compliance across all of Mindtickle. Crucial to this role will be an expert knowledge of international data protection laws and a proactive and pragmatic approach towards data privacy and compliance. 

 

Key Responsibilities:

• Act as the single point of contact for all privacy-related topics, including communication with customers and prospects, including RFPs, emails, or privacy calls

• Closely working with the internal legal team and external legal counsel to support the review of third parties/customer data processing addendums (DPAs), standard contractual clauses, contracts, and other data protection agreements

• Maintain the data protection terms agreed with customers in a contract management software

• Perform due diligence of new third parties and periodic risk review of existing third parties, including processes around sub-processors

• Support in other industry compliance projects such as ADA, Section 508, WCAG, FINRA, 21 CFR Part 11, etc.

• Lead the assessment of new legislation or other regulatory changes (GDPR, CCPA, UK DPA 2018, LGPD, PIPEDA, Swiss FDAP) and make recommendations as necessary to ensure that risks are mitigated as well as ongoing compliance

• To work flexibly and collaboratively across all teams in the organization while driving privacy & compliance-related projects, including sales, customer success, product, and engineering

• Own internal and external privacy audit projects, including planning, scoping, need analysis, ongoing project management, and communications with all relevant stakeholders

• Onboard privacy solutions, design, build and deploy data privacy programs on the solutions to ensure compliance with privacy requirements

• Maintain Records of Processing Activities (ROPA) and ensure Privacy By Design for new features/changes in the platform

• Undertake all other reasonable and related tasks associated with this role
  
  

Desired Qualification:

• 5-10 years of experience in data privacy and compliance, with exposure to cloud software platforms

• Extensive experience in data protection and knowledge of relevant legislation, including GDPR, Standard Contractual Clauses, Transfer Impact Assessment, CCPA, UK DPA 2018, LGPD, PIPEDA, Swiss FDAP, etc.

• Certifications such as CIPP/E, CIPP/US, CIPM, CIPT, etc., are preferred

• Specialist knowledge in a relevant area, e.g., data security and individual rights requests

• Excellent communication, interpersonal, project management, and issue resolution skills

• Excellent analytical skills, organizational skills, ingenuity, and the ability to work as part of a team

• Experience in managing privacy audits and risk management processes

• Demonstrated ability to learn quickly, take the initiative, and drive complex projects

 

Qualifications & Responsibilities

 

Year of Experience : 3- 8 yrs

 

Location : Bangalore, Delhi, Mumbai, Pune

 

Work on ISO 27001 & NIST based Information Security Management System implementation and sustenance.

-          Responsible for SOX (IT Security Controls) and track the monthly/quarterly/annual control reports and drive effectiveness of SOX controls.

-          Work on Business Continuity Planning, IT Disaster Recovery as per ISO27001 & NIST requirements

-          Assess information security posture, identify the gaps/risks in the existing environment and develop solutions to mitigate the identified gaps/risk

-          Conduct Information Systems audits covering IT infrastructure assets

-          Working knowledge in security domains such as: security governance policies and procedures, risk management, compliance, access control, network security, security architecture, security incident response, disaster recovery, business continuity management, privacy and data protection

-          Experience in leveraging industry standards and frameworks such as ISO/IEC 27001, NIST CSF/800-171, etc.

-          Possesses certifications such as ISO27001 LA. CISSP, CISA certification- preferred

 

Why NCG?

 

WHO WE ARE DRIVES WHAT WE DO!

 

We Don't build the organization; we create an everlasting family. Our people express a sense of winning together when times are good and sticking together when times are tough.

 

Are you a Doer or Achiever?

 

Well, at NCG, our doors are Open for Doers and Achievers alike. We are a Cult where we create, innovate, learn and Contribute in a comfortable, transparent, and fair environment.

 

Joining NCG means contributing to a shared ambition for reliable work culture, tackling extraordinary technological challenges in multicultural teams, preserving your work/life balance, and more!

Our ideal candidate is someone who is an exceptional JS developer with significant experience on React and Node. You should be able to build and support complex applications single-handedly with a keen eye towards UX, design, security and performance. Additionally you will need to have a basic understanding of microservices, API integrations to aid in achieving our vision of building the most robust and scalable integration platform in the B2B Retail + Food verticals. You will be responsible for architecture, design and implementation of the entire system to support thousands of customers globally. Our stack is primarily built around Node, PHP, React, Angular, Mongo, PHP and advanced Infra and DevOps tools such as Kubernetes, Grafana, Prometheus, ELK and more.

Mentoring should come naturally to you, as well as finding the right balance towards process and documentation.

Highlights:
1) You will be working on interesting technical challenges in a product centric and open-source driven environment.
2) You will help set a very high bar on code quality with a focus on test driven development and writing highly performant, fault tolerant and secure code.
3) You will take ownership of product features from conception to implementation, testing deployment and support.
4) A lot of freedom on when and where you work from - just get stuff done.
5) You will open source as much as possible, and blog about cool things that you learnt and built.
6) You will help define who we become as a company.
7) You will get stock options in line with silicon valley standards.


Caveats:
1) We have a strict no-divas rule. There are a lot of smart engineers on the team but no one with an attitude / superiority complex.
2) If you think writing tests for your code, writing docs, doing customer support etc are not your cup of tea, this isn't the right role for you.
3) Similarly, if you're viewing this just as a 20-40% increment opportunity over your current compensation, this isn't the right role or company for you.


This role can be the growth opportunity of a lifetime for anyone who has been operating as a backend lead and wants to grow into a fullstack CTO. Check out the links below if you'd like to learn more about us. We encourage people from underrepresented groups to apply.

1) Why ShoppinPal? - https://www.youtube.com/watch?v=cE7DgtwA0ws" target="_blank">https://www.youtube.com/watch?v=cE7DgtwA0ws
2) Our hiring philosophy and process http://techstory.in/building-startup-team/" target="_blank">http://techstory.in/building-startup-team/
3) Our culture- https://www.shoppinpal.com/culture">https://www.shoppinpal.com/culture

Security Architectural solutions, designing, Security Analysis, Infrastructure architecture, Application architecture, DevSecOps and cloud understanding, Threat Modelling, Penetration testing, Governance Risk & Compliance