Role Purpose:
The Information Security Officer operates within the governance, risk & compliance service provided by Jumio's security function through the GRC team.
The role acts as the security interface between the information security strategic and process-based activities and other critical teams, such as Engineering, Machine Learning, Product, Sales, HR and Legal.
Role Value:
The role holder reports to the GRC Lead and needs to positively influence other members of the security team as well as other departments across Jumio.
Example Responsibilities:
Governance & Risk Management:
- Develop, implement, and maintain governance, risk management, and compliance frameworks as per organization needs and policies aligned with industry best practices.
- Conduct regular risk assessments to identify, evaluate, and prioritize risks across the organization, ensuring timely mitigation actions are implemented.
- Lead risk reviews with business stakeholders and senior management to ensure risks are effectively managed and mitigated.
- Shape the strategy and direction of our security operating model, helping focus on utilising the right skill sets on the most appropriate subjects.
Compliance & Regulatory Requirements:
- Support the ISMS operation and associated independent security certification activities for SOC2, ISO 27001 and PCI DSS.
- Manage security policies and processes to ensure operational efficiency, regulatory compliance, and support for regional demands.
- Create and manage a business continuity program for Jumio product offerings.
Control Assessment & Reporting:
- Prepare regular compliance and risk reports for senior leadership, highlighting key risk areas, trends, and performance against key compliance metrics.
- Ensure documentation is maintained for all key GRC activities, including risk registers, audit logs, and quarterly compliance status reports.
Internal & External Audits:
- Plan and execute external and internal audit activities as required.
- Assist fellow Jumio colleagues in understanding and pragmatically responding to security audit findings.
Collaboration & Stakeholder Engagement:
- Work closely with business teams (e.g., Legal, HR, Product, Engineering, IT, ML) to ensure alignment on risk management and compliance initiatives.
- Deliver high-frequency communications regarding progress on security programs.
Training:
- Design and implement the annual information security training course.
- Bring new ideas for ongoing security culture improvements.
Continuous Improvement:
- Support the implementation of a GRC platform or enhance existing systems to streamline risk and compliance management.
- Continuously evaluate and improve the organization's GRC processes and tools, leveraging industry best practices, automation, and innovative solutions.
Customer Assurance:
- Assist with and lead multiple customer security audits.
- Respond to customers' security questionnaires.
Experience and Qualifications:
- A strong passion for information security and a proactive approach to improving the organisation's security posture.
- Ability to demonstrate contemporary information security concepts, best practices and strategies.
- Expert-level experience managing SOC 2 and ISO 27001 compliance is essential; knowledge of PCI DSS would also be beneficial.
- In-depth understanding and hands-on experience of how information security can impact an organisation; you can give examples and explain both positive and negative impacts.
- Comfortable providing high quality updates to various levels and global audiences, including video.
- A bachelor's degree in information systems or equivalent work experience; an M.B.A. or M.S. in information security is preferred.
- Excellent written and verbal communication skills in English.
Great-to-have Experience and Qualifications:
- CISSP, CISM, or CRISC certification
- (Internal) Consulting experience