Information Security Risk Manager It Job in Raw Engineering Llc

Information Security Officer

What we build is what identifies us. We work with the best companies in the world to build the most innovative and robust technologies.

In order to continue our accelerated growth, we are waiting for an innovative engineer to become available instead of hiring the first available engineer who is waiting to become innovative. This listing is for an Information Security Risk Manager IT & Cybersecurityfor our team.

Who is Surfboard Ventures?

Serving as the parent organization for Contentstack, Raw Engineering, and iRoboKids, we have over 12 years of experience providing content management services, professional training, and innovative digital transformation solutions. We are headquartered in San Francisco, with offices in Austin, Mumbai, Pune, and Amsterdam.

Our vision is to collaborate to achieve perfection, and we value positivity, learning, ownership, excellence and believe in building trust and care. Feel free to read more about us at https://www.surfboardventures.com/

What will you do:

• The Information Security Risk Manager s primary responsibilities are to assess the IT and Information Security risks associated with utilizing third party products and services, working closely with our legal team to review agreements, contracts, DPAs and other legally binding documents from a security standpoint, and responding to security questionnaires from current and potential customers. Secondary responsibilities will include internal risk management / mitigation, participating in security compliance related activities, and other information security related projects.

What skills do you need

• Experience (5+ years):
• Experience in the software industry with demonstrated professionalism, growth, and trustworthiness
• Experience in third-party risk management. Experience in operational risk management, risk assessment, regulation, compliance, cybersecurity, and IT risk
• Experience in contract and vendor security reviews
• Experience in cloud computing
• This position requires close review of detailed documentation and interaction with international vendors and customers - strong written and verbal English communication skills is required
• Ability to communicate effectively with various audiences at all levels of the organization, from technical resources to senior leadership
• Demonstrated attention to detail
• Demonstrated and substantial success in mentoring peers, building processes, creating business value, and creating quality end-user experiences at scale

Mandatory skills:

• Working technical knowledge of industry best practices and commonly used frameworks & standards (e.g., NIST SP 800-53, NIST SP 800-171, SOC 2/SSAE18, ISO 27001,ISO 22301, CSA Star).
• Possess intermediate-level understanding of risks and controls pertaining to logical security, software development life cycle, business continuity, backups and disaster recovery, data center controls, cloud computing, IT compliance, and privacy (e.g., GDPR, CCPA).
• Understanding the fundamentals of Amazon Web Services, Google Cloud Platform,
• Microsoft s Azure, and other cloud platforms IS A MUST.
• Experience using GRC, IRM and/or Vendor Risk Management software.
• Gathering requirements for processes and translating them into functional and technical requirements via a solution.
• Holds a CISSP, CISM, CISA, CRISC, CCSP, CASP+, Security+ or similar certification IS A PLUS

What we offer:

Our growth is enabled and accelerated by our culture, which encourages individual development, embraces an inclusive environment, rewards innovative excellence and supports our communities.

• Interesting Work: This is the challenge yourself kind of workplace where you constantly learn something new and never stop growing
• Competitive Compensation: We reward your high performance. Rewards are higher when you work smart and efficient without dropping a sweat.
• Great place to work: With spontaneous office happy hours and team events, we don t think you ll ever be bored. A majority of our workforce are young, energetic and passionate individuals who are driven by technology, and fuelled by the fun at the workplace.
• People: You have a team that will trust you and work together to achieve excellence. As a team, we believe in looking after each other s back. We are ONE team ONE dream and act as such.
• Culture: Open culture where everyone is approachable with minimal hierarchy.
• Medical Benefits: Mediclaim coverage for the employee and their dependents (spouse and children). Group Accidental Policy covering permanent disability, total disability and death.

Job type Full time employment

Job location Virar - Mumbai, Maharashtra, India

Work schedule Monday to Friday, 10am to 7pm

Minimum qualification Graduate

Year of experience 5+ years of experience in maintaining the IT and cybersecurity risk management and TPRM procedures, and
enhance existing framework and processes

Reporting to Manager of IT, Information Security

Travel opportunities - On need basis within/outside India. Candidate should have valid passport

There is so much more that we can talk about this role and the workplace. If you are passionate about your career as we are, email your profile to [email protected] . After receiving your application, we will assess your profile and reach out to you if it aligns to the job description for this role. You will also be assigned to one of our recruiting specialists who can answer questions you might have about the process, role, or company, and help you throughout the interview process.

We look forward to meeting you!

People Team