Information Security Specialist

Information Security Specialist

About the Role

Location India Maharashtra Pune Company Siemens Energy Industrial Turbomachinery India Private Limited Organization EVP Global Functions Business Unit Digital Core Full / Part time Full-time Experience Level Experienced Professional

A Snapshot of Your Day
Imagine stepping into a role where you lead the charge in IT risk management and compliance. You will develop, implement, and maintain robust frameworks that protect our organization. Collaborating with multi-functional teams, you will assess and mitigate risks, ensuring our systems are secure and compliant. Your insights will drive strategic decisions, and your reports will be pivotal in guiding senior management. Join us in making a significant impact on our organization’s security posture!

How You’ll Make an Impact

You will develop, implement, and maintain IT risk management frameworks, policies, and procedures.

You will conduct risk assessments and control evaluations across IT applications, systems, and processes.

You will coordinate IT asset vulnerability management, including identification, tracking, and remediation of vulnerabilities.

You will collaborate with multi-functional teams to identify, assess, and mitigate IT risks.

You will monitor compliance with internal policies and external regulatory requirements.

You will prepare and present risk reports to senior management and collaborators.

You will support audits and regulatory examinations by providing vital documentation and insights.

What You Bring

A minimum of 10 years of work experience in IT, with at least 5 years in IT risk management and compliance.

A bachelor’s or master’s degree in engineering with Computer Science/IT or equivalent.

A sound understanding of risk management frameworks (, COBIT, ISO 27001, NIST).

Experience with GRC tools and risk assessment methodologies.

Hands-on experience with IT asset vulnerability management tools and processes.

Understanding of global risk and compliance frameworks and standard methodologies.

CRISP certification.

Excellent communication, analytical, and collaborator management skills.

Familiarity with data privacy regulations (, GDPR, DPDP Act).

Good to have IT project management experience and additional certifications such as CISA, CISM, or CISSP.

Experience in financial services, consulting, or regulated industries is a plus.