Role Details
POSITION: Infosec Delivery Manager
Location: Bangalore/Remote
About SCRUT Automation
Scrut Automation is an information security and compliance monitoring platform, aimed at helping small and medium cloud-native enterprises develop and maintain a robust security posture, and comply with various infosec standards such as SOC 2, ISO 27001, GDPR, and the like with ease. With the help of the Scrut platform, customers reduce their manual effort for security and compliance tasks by 70%, and build real-time visibility of their security posture.
Founded by IIT/ISB/McKinsey alumni, the founding team has over 15 years of combined Infosec experience. Scrut is built out of India for the world, with customers across India, APAC, North America, Europe and the Middle East. Scrut is backed by Lightspeed Ventures, MassMutual Ventures and Endiya Partners, along with prominent angels from the global SaaS community.
Overview of the Job Profile
This position is responsible for establishing and maintaining a corporate-wide information security management program to ensure that information assets are adequately protected.
Responsibilities
Understanding the Policies and Procedures of the Client and suggesting improvement points related to Information Security.
Understanding the setup of the On-Premise and Cloud Infrastructure of Clients and suggesting improvement points related to Information Security.
Preparation of Policies and Procedures for Information Security.
Impart training on Information Security.
Performing Infosec Internal Audits covering all departments as per ISO 27001 requirements
Requirements
Degree in Engineering (Computer Science/IT) /MCA/ Business administration a
technology-related field required.
Minimum of 3-4 years of experience in a combination of risk management, information security and IT job
Should be flexible working in US Shift timing.
Professional security management certification (Like ISO 27001 Lead Auditor / Lead Implementer Certification or (CISA or CISSP) will be an added advantage.
Knowledge of common information security management frameworks, such as ISO/IEC 27001, SSAE 21, Privacy Framework – ISO27701, PCI DSS and NIST (Optional).
Good to have knowledge and experience on SOC 1, SOC 2, SOC 3 reports and assessments
Knowledge of security controls of AWS / Microsoft Azure will be an added advantage
Excellent written and verbal communication skills and a high level of personal integrity
Innovative thinking and leadership with an ability to lead and motivate cross-functional, interdisciplinary teams