
Senior Lead-Information Security and Privacy Compliance

Chennai
Job Description
  • As a Senior Lead - Information Security & Privacy Compliance, you will focus on enabling compliance with the organization's various information security & privacy requirements and on ensuring the effective & efficient functioning of the controls implemented.
  • You will plan, lead, and manage compliance-related activities such as conducting assessments, audits, testing, and issue remediation related to ISO 27001, ISO 27701, SOC 2 Type 2, GDPR, HIPAA, client contracts, client policies and the organization's policies.
  • Develop detailed checklists and control testing procedures to systematically evaluate compliance and security posture.
  • Document the findings and provide risk-based assessments of the control environment, addressing control gaps.
  • Evaluate project-specific controls, identify potential risks, and ensure that project teams follow organizational & client security standards.
  • Work with project managers and stakeholders to review control implementations, assess the project compliance, and recommend risk mitigations and control enhancements where necessary.
  • Identify, track, and report deficiencies in the organization's information security and privacy controls, working with relevant stakeholders to ensure timely remediation.
  • Stay up-to-date on the latest information security and privacy threats and trends.
  • Collaborate with other departments to ensure that the organization's information security and privacy controls are aligned with business objectives.
  • Orient and lead a team of security professionals to handle the above tasks.
Job Requirement
  • Bachelor's degree in computer science, information systems, or a related field.
  • 8+ years of experience in information security and privacy auditing.
  • ISO 27001 & ISO 27701 Lead Auditor certification or CISA is an added advantage.
  • Working experience in information security and privacy standards/regulations.
  • Hands-on experience in any GRC tool to streamline audit workflows, track compliance metrics, and produce insightful reports for management.