About the job
Role: Information Security Manager
Experience: 6-8 Years
Gnani.ai aims to empower enterprises with AI based speech technology.
Gnani.ai is an AI-based Speech Recognition and NLP Startup that is working on voice-based solutions for large businesses. AI is the biggest innovation that is disrupting the market and we are at the heart of this disruption. Funded by one of the largest global conglomerates in the world, and backed a number of market leaders in the tech industry,
We are working with some of the largest companies in the banking, insurance, e-commerce and financial services sectors and we are not slowing down. With aggressive expansion plans, Gnani.ai aims to be the leader in the global market for voice-based solutions.
Gnani.ai is building the future for voice-based business solutions. If you are fascinated by AI and would like to work on the latest AI technologies in a high-intense, fast-growing and flexible work environment with immense growth opportunities, come and join us. We are looking for hard-workers, who are ready to take on big challenges.
- Support business teams to achieve and maintain their security and compliance posture in accordance with ISO 27001, GDPR, HIPAA, Data Privacy, etc
- Validate ongoing compliance of policies and process/procedures in support of requirements and ensure that controls are operating effectively
- Prepare responses to client questionnaires and RFPs on information security, compliance and data privacy related areas. Provide support and clarity to customers and users of the information and cyber-security policy framework answering related questions and challenges as they arise
- Interface and engage both management and other functions in organization on information security compliance related activities and processes
- Lead the effective publication of policy materials and documents Risk Management
- Present and report regularly infosec dashboard to management and stakeholders
- Assist with the development of technical security risk and compliance documentation
- Document and Communicate status and compliance effectiveness to management on a regular basis
- Conduct regular internal audits on information security
- Manage external audits from customers, stakeholders and regulatory agencies
- Maintain and manage ISMS related documents, reports, and artefacts
- Coordinates the issuance of access control and drive change management activities
- Manage vendor and third-party due diligence documentation
- Internal consultant for IT domain leads, administrators for security infrastructure, and assisting them to implement security devices configuration controls for firewalls, Internet connectivity, Proxies, IPS and router etc
- Certification – ISO 27001, CISA, CISSP, CISM (Anyone)
- 3+ years of experience in Compliance, Security, or IT Audit experience
- Total experience of 6-8 years
- Any graduate or master’s degree in science, engineering or technology
- Strong knowledge in Project Management, IT Security Architecture Design
- Prior experience with managing other security compliance like HIPAA, GDPR, ISO 27018, SOC1 & 2, ISO 27001, PCI DSS, etc. is a plus.
- Must be self-driven, and interact and work with different functions and departments of the organizations on compliance
- Excellent communication skills and to independently drive other coordinators on compliance related activities
- Ability to organize, conduct and drive meetings and outcomes with little to no manager involvement. Must be aware of and deliver a quality stakeholder engagement experience
- Experience working with Internal and External Audit teams
- This role will have considerable engagement with all business units, committees, and other stakeholders across the Company. Successful candidates will be expected to lead and deliver a range of complex activities in the fields of information security management.
- Looking at the bigger picture, correlate the action and impact, Influence, control and enforce
- Think long term, think for the customer, think for practicality.