t a n l a
Connecting
people and things
Home pageAbout Tanla Blog Values Careers The Team News Room Investors Esg
Manager - IT Governance, Risk & Compliance
Chennai

Role: Manager – GRC

Location: Chennai

Policies & Documentation Standards

  • Design and development of security policies, standards, and procedures in accordance with organization goals.
  • Support and co-ordinate with internal stakeholders on preparing information security documentation.
  • Actively establish & strengthen relationships with external and internal customers/stakeholders. Assist in developing knowledge assets such as methodologies, operating procedures, process documents, templates, white papers etc.
  • Evaluate and advise on the implementation and effectiveness of the cybersecurity safeguards to ensure that they provide the intended level of protection.
  • Provide insights to IT and Business Teams on secure development & implementation of Information Systems.

Risk Assessment

  • BCMS, QMS, ISMS Risk assessment, Awareness activities, Data Privacy, VAPT etc.
  • Perform risk assessments to identify gaps in compliance to information security standards and policies and devise strategies and implement controls to minimize the risk.
  • Proactively identify risks and escalate to project stakeholders. Data security governance, data classification, data security design, security management, personal information compliance and protection consulting.
  • Provide security guidance on emerging technologies (IoT, Blockchain etc.)
  • Control evaluation for cloud engagements & Offsite development centers & Control evaluation of Outside Service Providers (Suppliers of IT services)

Training & Awareness Program

  • Conduct cyber security trainings and awareness sessions
  • Monitor for attacks, intrusions and unusual, unauthorized or illegal activity

VA & VAPT

  • Penetration testing of products and systems.
  • Lead engagements from kick-off with product owners through scoping engagements, penetration testing and reporting while adhering to the agreed scope and deadlines.
  • Perform Web Application Penetration Testing Network Penetration Testing Mobile Penetration Testing and Code Review independently based on the guidance from leads.
  • Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems
  • Familiarity with industry-leading standards, such as NIST, CIS benchmarks, and OWASP
  • Familiarity with browser, Web service, cloud security, mobile applications’ security, and operating system security concepts
  • Understanding of leading vulnerability scoring standards, such as CVSS, and ability to translate vulnerability severity as security risk

Internal Audit & Reporting

  • Should independently handle internal audits (with minimal support from the leads) to ensure compliance with ISO 27001/ISO 22301/ISO 9001 requirement as well as process specific requirements.
  • Responsible for the effective documentation of internal audits (reports) with accurate mapping to control points.
  • Assist with the preparation of weekly / fortnightly / monthly reports.
  • Provide Security and Control metrics to Senior Management
  • Point out the non-conforming areas and suggest measures to improve the information security posture

Why join us?

We thought you would never ask! We offer all the usual stuff: competitive salary, flexible working hours, challenging product culture but the real perks are:

• Challenging and fun work environment solving meaningful real-life business problems - you will never have a boring day at the office.

• World-class team who love solving tough problems and have a bias for action. Tanla is an equal opportunity employer.

We welcome and encourage diversity in the workplace regardless of race, gender, religion, age, sexual orientation, gender identity, disability, or veteran status.

www.tanla.com

 

Open Positions
Quality Assurance Manager - Business ExcellenceBackend EngineerUX DesigenrData ScientistData EngineerProduct MarketingProduct AnalystLead - Product ManagerSDE II / III (Python Dev)SDE II / III - Front End (Vuejs)IT & NE II (Network Admin)Executive- Front OfficeIntern - CampaignsIT & Network Engineer III / IV (Network Admin)Sr Executive - FinanceSr Technical Writer Sr Talent Acquisition SpecialistProcess Analyst - Data ProtectionLead - SEOAffiliate Sales ManagerData EngineerNOC Engineer - InfraNOC Engineer - NetworkSite Reliability Engineer QA Engineer - SQE III / IVManager- Product MarketingMarketing Co-ordinatorMarketing SpecialistSr Analyst - ESGContent Specialist- MarketingPre Sales SpecialistManager - IT Governance, Risk & ComplianceEnterprise SalesCustomer Success ManagerCarrier Relations ManagerSystems Engineer IVDevops Engineer IICustomer Operations IIProduct ManagerStaff Engineer - FullstackInternational -Carrier Relations Technical Account ManagerPre Sales Specialist Product OperationsIntern - Systems EngineerCloud Application Support EngineerProject ManagerData Management Engineer IV (Power BI Apache Superset)SDE III / IV ( Dot Net Developer)SDE III (PHP & YII)Systems Engineer II / III (L2 Support)Intern - Technical Support Technical Support Engineer (L1 Support)SDE II / III (Golang)DME III /IV (MY SQL DBA)Key Account ManagerCustomer Service Delivery (Regulatory)
Products
Wisely Trubloq Messaging Voice IOT
Solutions
Mobile operators Enterprises
COMMUNITY
Blog Case studies
Careers
Contact
© 2023, Tanla, all rights reserved
Disclaimer
Copyright
Privacy Policy
Site Map
Design by