Location
Bangalore | India
Job description
Purpose of the role
This role has been established to support the business to build a strong risk management framework at Amagi. The basic factor required to be successful in this role warrants a good understanding of the business, product, and engineering functions in the company. The focus is to build a risk based rather than compliance based framework. We strongly believe a strong risk management framework is pivotal in earning certifications and demonstrating compliance with leading security standards.Â
What are we looking for in potential candidates
- Be a team playerÂ
- Inclination to be hands-on at work Â
- Believe in adopting an innovative approach towards cybersecurity risk management
- Willingness to learn technical aspects of security
- Self starter
Who will the role report into
This role will report to the Associate Director Information Security
What is the scope of operation
- Product and EngineeringÂ
- Enterprise IT Security Controls (required for compliance exercise)
What is the desired outcome in the next two years
- A strong cyber security framework tailored to business implemented across Amagi.Â
- Standardization of security controls across all Amagi ProductsÂ
- Continuous monitoring and reporting of risk posture of the organizationÂ
- Automated solutions monitoring the implementation effectiveness of the controls
Key ResponsibilitiesÂ
- To build a cyber risk framework contextualized for Amagi's product and compute environment.Â
- To build solutions that enables continuous monitoring and scoring of risk
- To build artifacts based on best practices tailored to Amagi's context to adopt and demonstrate compliance to leading security standards.
- To continuously monitor the controls and highlight any deviations.Â
- To support products to achieve required security compliance certifications.Â
- To manage Amagi's Security Awareness ProgramÂ
- Co-Ordinate Incident response (correction and investigations) and document the RCA
Requirements Required CompetenciesÂ
- Basic understanding and working knowledge in AWS / GCP.Â
- Working knowledge in the usage of bug tracking (Jira) and service management tools.
- Good understanding of security standards and security best practices for cloud and application development.
- Understanding of Security Frameworks, risk management and Control validationÂ
- Basic understanding about the product features and their workflow.Â
- Hands on experience of handling risk governance and compliance in a cloud based SaaS environment
- Good documentation skills.Â
Work Experience
- 7-9 Years of Security Governance, Risk Management and Compliance (Inclusive of at least 3-5 years of experience in Public Cloud Security)
Job tags
Salary
