POSITION: Senior Manager Information Security
Location: Bangalore
About SCRUT Automation
Scrut Automation is a one-stop shop for infosec compliance. It supports IT/ITES/SaaS companies in automating their information security compliance tasks and reduces manual work in maintaining compliance by ~70%. Founded by IIT/ISB/McKinsey alumni, the founding team has over 15 years of combined Infosec experience. Scrut is backed by Lightspeed Ventures and Endiya Partners, along with prominent angels from the global SaaS community.
The Scrut platform provides the fastest solution for achieving and maintaining compliance across global standards, including but not limited to SOC 2, ISO 27001, GDPR, HIPAA, PCI-DSS, or CCPA, through its truly 'single window' operations. Scrut acts like an organization’s virtual CISO, so they can focus on their business and leave compliance to Scrut.
Overview of the Job Profile
This position is responsible for establishing and maintaining a corporate-wide information security management program to ensure that information assets are adequately protected.
Responsibilities
Understanding the Policies and Procedures of the Client and suggesting improvement points related to Information Security.
Understanding the setup of the Cloud Infrastructure of Clients and suggesting improvement points related to Information Security.
Preparation of Policies and Procedures for Information Security.
Impart training on Information Security.
Performing Infosec Internal Audits covering all departments as per ISO 2700,SOC 2/GDPR requirements
Requirements
Degree in Engineering (Computer Science/IT) /MCA/ Business administration in a technology-related field required.
Minimum of 2-3 years of experience in Information security, Governance, Risk and Compliance
Understanding of Unified/Secure Controls Framework
Exposure to one or more infosec audits and implementation like ISO 27001/SOC 2/GDPR/PCI DSS is a must.
Exposure to one or more privacy audits and implementation like ISO 27701/GDPR is a must.
Professional security management certification (Like ISO 27001 Lead Auditor / Lead Implementer Certification or CISA or CISSP) will be an added advantage.
Knowledge of security controls of AWS / Microsoft Azure / GCP will be an added advantage.
Excellent written and verbal communication skills and a high level of personal integrity
Innovative thinking and leadership with an ability to lead and motivate cross-functional, interdisciplinary teams
Regulatory Compliance like SAR-DL, PPI, PAPG, RBI Master Guidelines, IRDA related requirements.
Knowledge on ISO 42001 would be an added advantage
Why should this job excite you?
Opportunity to make an early impact on one of the most promising, high-growth SaaS startups in India
A high-performing action-oriented team
Immense exposure to the founders and the leadership
Opportunity to shape the future of B2B SaaS Customer Success with YOUR innovative ideas
The competitive compensation package, benefits, and employee-friendly work culture