Group Manager - Compliance And Security Engineer Job in Medibuddy
- Bengaluru, Bangalore Urban, Karnataka
- Not Disclosed
- Full-time
Key Responsibilities:

Leadership and Team Management:
- Lead and manage a team of compliance and security professionals, fostering a collaborative and high-performance culture.
- Provide guidance, mentorship, and professional development opportunities for team members.

Compliance Strategy and Governance:
- Develop and oversee the implementation of compliance strategies, policies, and procedures to ensure adherence to relevant industry regulations and standards (e.g., GDPR, HIPAA, ISO 27001).
- Should be able to lead the company in documenting, maintaining and implementing the necessary controls related to ISO 27001 and other laws of the land relevant to our corporate clients.
- Stay updated on changes in regulations and assess their potential impact on the organization's compliance posture.

Security Measures and Protocols:
- Define and implement security measures, protocols, and controls to protect the organization's information assets, networks, and systems from threats and vulnerabilities.
- Collaborate with the IT and security teams to ensure the implementation of best practices in cybersecurity.

Risk Assessment and Mitigation:
- Conduct regular risk assessments and vulnerability assessments to identify potential security risks and compliance gaps.
- Develop and execute risk mitigation strategies and action plans.

Incident Response and Management:
- Design and lead the organization's incident response plan, ensuring quick and effective responses to security incidents and breaches.
- Coordinate with cross-functional teams during incident response activities, including containment, investigation, and resolution.

Training and Awareness:
- Develop and deliver training programs to educate employees about compliance requirements, security best practices, and data protection.
- Foster a culture of security awareness throughout the organization.

Audits and Assessments:
- Coordinate and manage internal and external compliance audits and assessments.
- Should be able to manage audits and assessments in parallel, in coordination with multiple internal teams.
- Ensure timely remediation of any identified issues and follow up on audit recommendations.

Reporting and Documentation:
- Prepare regular compliance and security reports for executive management, highlighting key metrics, risks, and progress.
- Maintain accurate documentation of compliance and security measures, processes, and incident response activities.

Qualifications and Requirements:
- Bachelor's degree in a relevant field; Master's degree or professional certifications (e.g., CISA, CISSP, CISM) are a plus.
- Lead Auditor Certification is a plus.
- Proven experience (10+ years) in compliance and security roles, including leadership and team management responsibilities.
- In-depth knowledge of industry regulations, standards, and frameworks related to compliance and security.
- Strong understanding of cybersecurity principles, risk assessment methodologies, and incident response protocols.
- Excellent communication and interpersonal skills, with the ability to collaborate effectively with cross-functional teams and communicate complex topics to non-technical stakeholders.
- Analytical mindset and problem-solving skills to identify and address compliance and security issues.
- Experience with compliance audit processes, risk assessments, and security toolsets.
- Ability to adapt to a dynamic and evolving regulatory environment and implement necessary changes.
- High ethical standards and a commitment to maintaining confidentiality and integrity.
- Demonstrated leadership capabilities and the ability to mentor and develop team members.

