Information Security & Risk Analyst @ Mumbai
Quess IT Staffing
Job Description
Position: Information Security & Risk Analyst
Location: Mumbai
Duration: Contract to Hire

1. Safeguard enterprise information assets in a dynamic and high-risk environment
2. Govern enterprise devices and digital solutions to ensure secure, compliant operations
3. Identify, assess, and prioritize information security risks and implement mitigation controls
4. Monitor and manage vulnerabilities through the exception management process
5. Collaborate with IT and cybersecurity teams to strengthen security infrastructure
6. Track emerging security threats, trends, and prevention measures
7. Communicate security initiatives and issues with internal and external stakeholders
8. Coordinate with cross-functional teams to drive security improvements
9. Enhance the information security management framework for business and regulatory alignment
10. Support security sign-off processes to ensure secure project deployment

Ensure enterprise information security by analysing governing controls, ISMS, risk and change management, third-party and vulnerability oversight, audit compliance, executive reporting, and security awareness to protect critical assets and reduce organizational risk

1. Professional Certifications: Industry-recognized certifications such as ISO/IEC 27001 (LA/LI) or equivalent certifications are highly desirable.
2. Leadership Experience: Demonstrated experience in leading and managing information security teams, including hiring, mentoring, training, and performance management.
3. Security Program Management: Proven ability to design, implement, and manage comprehensive information security programs, initiatives, and controls across the organization.
4. Strategic Security Planning: Experience in developing and executing long-term information security strategies aligned with business objectives and organizational priorities.
5. Threat & Technology Awareness: Strong track record of staying current with emerging cyber threats, technologies, and industry trends, and adapting security strategies accordingly.
6. Business Acumen: Solid understanding of business operations and objectives, with the ability to position information security as a business enabler.
7. Risk & Compliance Expertise: In-depth knowledge of risk management frameworks and regulatory/compliance standards such as ISO/IEC 27001, ISO 31000, and other relevant regulations.