Senior Information Security Engineer - Chennai, India - SurveySparrow

Description

We are seeking an experienced Information Security Engineer with a minimum of 6 years of relevant experience to join our dynamic team. The ideal candidate will be responsible for ensuring the security and integrity of SurveySparrow's systems, networks, and data. This role requires a strong background in program management, governance risk and compliance (GRC), incident response, and threat detection. Additionally, the candidate must possess excellent communication skills and the ability to interact effectively with customers and stakeholders.

Responsibilities:

1. Program Management: Develop and implement information security programs and initiatives to protect SurveySparrow's assets and data.
2. Governance Risk and Compliance (GRC): Ensure compliance with relevant standards and regulations such as ISO, HIPAA, GDPR, and SOC. Conduct risk assessments and implement controls to mitigate identified risks.
3. Threat Detection: Monitor and analyze security events and incidents to identify potential threats and vulnerabilities. Develop and implement strategies for threat detection and response.
4. Incident Response: Lead the incident response process, including detection, analysis, containment, eradication, and recovery. Coordinate with cross-functional teams to address security incidents effectively.
5. Customer Calls: Engage with customers to address security-related inquiries, concerns, and requirements. Provide guidance and support to ensure customer satisfaction and compliance with security standards.
6. Filling RFCs and RFPs: Collaborate with the sales and product teams to respond to requests for proposals (RFPs) and requests for changes (RFCs) related to information security.

Qualifications:

1. Bachelor's degree in Computer Science, Information Technology, or related field.
2. Minimum of 6 years of experience in information security, with a focus on program management, GRC, threat detection, and incident response.
3. Strong understanding of relevant standards and regulations such as ISO, HIPAA, GDPR, and SOC.
4. Experience in conducting risk assessments and implementing security controls.
5. Proficiency in security tools and technologies for threat detection and incident response.
6. Excellent communication and interpersonal skills, with the ability to interact effectively with customers, stakeholders, and cross-functional teams.
7. Relevant certifications such as CISSP, CISM, or CISA are preferred but not required.
8. Ability to work independently and collaboratively in a fast-paced, dynamic environment.