Role: Security Engineer - II (GRC)
Key Responsibilities
- Creating, updating, and maintaining the organization's information security policies and procedures.
- Working with various departments to promote a culture of security awareness and assist in driving the information security training & awareness program.
- Assist in conducting the various awareness simulations and campaigns, and maintain and measure their effectiveness.
- Assist in implementing information security projects as assigned.
- Identifying & analysing risks in accordance with the organization's policies and processes. Maintaining and updating the information risk register to monitor and track the risk treatment plans.
- Be an enabler and support business and corporate functions in implementing the risk mitigation plans and audit observations.
- Working closely with IT and other business functions on IS assessments and various risk review activities.
- Track, monitor and report the status of the information security exceptions identified and notified to the CISO function.
- Assist in various internal and external audits and maintain security compliance in accordance with PCI-DSS, ISO 27001:2022, NIST CSF, Privacy Framework and other regulatory audits as per the organization's requirements.
- Monitor and maintain the KPI matrix and thresholds for the defined security controls for the CISO function and management reporting.
- Working closely with Tech/IT and other business functions on IS assessments and various risk review activities.
- Keeping abreast of evolving regulatory requirements, industry best practices, and emerging security threats.
CTQ:
- 6-7 years of experience in IT and IS audits and compliance frameworks such as ITIL, ISO 27001:2022, PCI-DSS, NIST CSF, SOC 2 Type II. Preferably ISO 27001:2022 certified.
- Bachelor’s degree in Computer Science or Computing related discipline.
- Have worked on ISMS policies & procedures and their implementation.
- Have worked in product/technology organizations, preferably in the e-commerce industry.
- Knowledge of risk assessment frameworks.
- Good documentation skills.
- Are willing to learn from everyone, communicate well, and strive to be an effective team member.
- Analytical skills; result-oriented with a go-getter attitude.
- Stakeholder management across business units for functional requirements.
Join Nykaa and take your career to the next level!

