Cvent India Pvt. Ltd.


Cvent India Pvt. Ltd. Gurgaon, Haryana, India
Apr 12, 2017
Full time
The Security Risk and Compliance Lead provides technical direction for the risk management and compliance functions within the Information Security team. This person will conduct activities ranging from policy, auditing, and risk analysis to overall risk mitigation. This individual will also build, develop, and maintain relationships with our internal stakeholders and external vendors to help mature and enhance our enterprise-wide compliance with security.

Position Duties:

- Responsible for all activities within the security compliance and risk management lifecycle. These activities include: risk analysis, auditing, mitigation, and governance & policy.
- Develop, update, and monitor compliance with information security policies designed to ensure the confidentiality, integrity, and availability of Cvent's systems and data.
- Manage periodic independent security audits, i.e. ISO, PCI, SSAE16, SOX.
- Manage internal and client information security audits.
- Manage contract security terms and negotiation as needed.
- Oversee Cvent's Security Product as a Service program to ensure products are developed in compliance with security standards and practices.
- Oversee due diligence, auditing, and monitoring of vendors and suppliers.
- Oversee Cvent's periodic penetration tests and triage remediation for vulnerabilities identified.
- Lead efforts in developing/improving process, procedures, and documentation for all aspects of security.

Desired Candidate Profile:

- 5+ years of Information Security or related technology experience, preferably in a SaaS Product environment.
- Relevant security knowledge and experience in two or more of the following areas: compliance, risk management, incident response, threat intelligence, network/host intrusion detection, security operations.
- Demonstrated experience helping an organization successfully complete independent compliance audits under PCI, SOX, etc.
- Well-versed in recognized security industry standards and leading practices, i.e. ISO, PCI, NIST, CIS, FedRAMP.
- Advanced knowledge of network protocols and operating systems (Windows, Unix, Linux, Databases).
- Bachelor's degree in Computer Science or Information Technology.
- CISSP or security-related certification is preferred.

Education: UG: B.Tech/B.E. - Any Specialization