Assistant Manager- Information Security (SOC1) 230922

About SirionLabs

SirionLabs is a leading SaaS company focused on developing leading edge AI-led solutions for the legal and contract management space. Our product is trusted by Fortune 500s and major global enterprises such as Schneider, Morgan Stanley, Qantas, Unilever, IBM, Vodafone, Alstom, and Novartis, to create, negotiate, and manage +5 million contracts worth more than US$300bn across 100+ countries around the world. As a result, SirionLabs has been recognized by major industry analyst groups such as Gartner, Forrester, Spend Matters, and IDC as a leader in the contract lifecycle management (CLM) domain.

SirionLabs recently closed a US$85 million Series D funding round, which was led by Partners Group, a leading global private markets firm, along with existing investors Avatar Growth Capital, Sequoia Capital India and Tiger Global. This fresh capital infusion will help us fuel AI R&D and expand our global footprint even further.

With over 700 people working across 10+ offices in North America, Europe, and India, SirionLabs is constantly growing and expanding its global footprint

Requirements

Job Role: Assistant Manager – Information Security

Years of Experience required: 7-10 Years

Work Location: Gurgaon

Responsibilities:

• Implement and sustain the SOC1 Type-1 and Type-2, ICFR (Internal Control Over Financial Reporting), internal process audit (ongoing activity), and prepare the assessment reports with recommendations to strengthen the overall process and security.
• Develop ICFR test procedures in coordination with internal stakeholders and will test the operational effectiveness of implemented controls on monthly basis.
• Collaborate with internal stakeholders such as Engineering, DevOps, Product, Finance, Sales, HR, Admin, IT to ensure effective implementation of operational controls and to support remediation efforts.
• Coordinate with external auditing agency and will act as interface between external auditors and internal stakeholders.
• Assist in implementing, maintaining, and monitoring security policies and procedures, including but not limited to security logging and monitoring, security incident management, data leakage prevention, IT system security hardening baseline, access control, change management, backup management, patch management, vulnerability management, etc.
• Assist in maintaining the Unified Controls Framework (UCF) that aligns with organization information security policies, industry standards and regulations applicable to the company and its customers including, ISO 27001, SOC1, SOC 2, HIPAA, NIST 800-53, NIST 800-171, NIST CSF, FedRAMP, ISO 27701, GDPR, CSA CCM.
• Coordinate the Information Security audits/assessments/remediation of Sirion third-party vendors/suppliers and present key risks to the management.
• Support in periodic risk assessments based on ISO 27001 and ISO 31000 based Risk Assessment and Enterprise Risk Assessment (ERM).
• Support in implementation/maintenance of the NIST CSF, NIST RMF, FedRAMP, DOD-IL5/IL6, TISAX, FAR/DFAR, CMMC compliance programs.
• Maintain good knowledge of current technology trends, evaluate new technologies and undertake training to strengthen IT skills as required
• B.E / B.Tech (IT/ CS) / MSc (CS/ (CS/IT)
• Certifications: CISSP, CISA, CCSP, CIPM (at least one)
• Self-driven and initiator
• Ability to multi-task effectively and work under pressure
• Ability to perform general mathematical calculations (advanced excel)
• Ability to conduct research on the latest security standards as required

Educational qualifications and certifications:

Organizational skills:

• Excellent organizational skills to assess needs, organize solutions and achieve results as planned
• Clarity and conciseness in oral and written communications
• Ability to communicate and coordinate with internal departments and external stakeholders/auditors
• Ability to understand the financial processes in terms integrity and security