Lead – Information Security
Tiger Analytics is global analytics consulting firm. With data and technology at the core of our solutions, we are solving some of the toughest problems out there. Our culture is modelled around expertise and mutual respect with a team first mindset.
Working at Tiger, you’ll be at the heart of this AI revolution. We are headquartered in the Silicon Valley and have our delivery centers across the globe.
Tiger is certified for ISO 27001:2013 and ISO 27701:2019, undergoes SOC 2 Type 2 assessment, and attested for GDPR and HIPAA. Given that data being the core of Tiger’s business, the opportunities, and learnings on various domains of information security and privacy will be enormous. The below is an India-based role – you will be working in a hybrid work model from our Chennai office.
About the role:
As an Infosec Lead, you will
- Monitor information security operations and compliance, report control gaps to stakeholders and ensure closure of the gaps for the designated offshore work centres and corporate infosec practises
- Take part in client, internal and external audits
- Monitor compliance with client contracts
- Collaborate with stakeholders from different departments to implement, monitor and perform tasks for risk reduction
- Implement new technologies and processes as required in conjunction with various stakeholders
- Support business development in terms of responding to client specific information security questionnaire and review of the contracts
- Report the performance of the infosec practises to the management via status reports and review meetings
Required Experience, Skills & Competencies:
- 7+ years of experience in Infosec with 2 years Lead experience
- Certified ISO 27001:2013 lead implementor
- Self-motivated, good interpersonal and communication skills
- External audit participation experience is a mandate
- Basic understanding of the security technologies such as Firewall, anti-virus, DLP, NGAV, EDR, etc.
- Good to have: Exposure to privacy practises (ISO 27701) & laws (GDPR & HIPAA), application security, GRC tool implementation, SOC 2 Type 2 trust principles and assessment lifecycle.