Information Security Officer
Role- Information Security Officer
JioSaavn is South Asia’s leading audio streaming service to access, discover, and listen to favourite songs & Podcasts across languages and genres. We blend digital technology, data analysis (which we have affectionately coined Music Science), and a strong, fearless business acumen to reach all corners of the globe. Our award-winning mobile products, partnerships, innovations and thought leadership have been featured in some of the world’s leading publications, from The New York Times, to The Wall Street Journal, The Economic Times to Forbes, and many more.
At JioSaavn, we ignite passion and performance to work towards a collective goal: creating the perfect mobile entertainment ecosystem that delivers the best possible music experience to millions of listeners around the world. Our default mode is that of perpetual innovation. Together, we form a concerted rhythm that goes beyond borders. We don't just go with the flow, we create it.
JioSaavn offers a dynamic and unconventional work environment, full of fun wholesome experience. We believe creativity and technology blend together like sweet melodies. When you choose JioSaavn, you join a diverse world of high-calibre techies, artists, and inventors hailing from companies like Yahoo!, Twitter, LinkedIn, Google, Qualcomm, HBO, Microsoft, Flipkart, Amazon, Paytm, Quikr etc.
Our value-based, people-first work culture is about empowering every individual in our team to be catalysts for change in this dynamic digital world. Every day is an opportunity to bring your vision to life, and to expand, learn and grow. No idea is left unconsidered. No voice is left unheard.
JioSaavn prides itself on being an equal opportunity employer. We have committed ourselves to creating a safe environment with fair and equal access and opportunities, sans discrimination. We encourage everyone to be open to experiences and perspectives beyond their normal; divergent thinkers create differentiated products, and even better music.
If our vibe matches with yours, we'd love to hear from you.
JioSaavn is South Asia’s leading music streaming service. We are over 300 entrepreneurs, across New York, California, Mumbai, Gurgaon, and Bangalore, who help music lovers access, discover, and listen to their favorite songs across languages and genres. In early 2018, a merger between JioMusic and Saavn was announced; creating a combined entity valued at over $1 billion.
We blend digital technology, data analysis (which we have affectionately coined Music Science), and a strong, fearless business acumen to reach all corners of the globe. Through partnerships with Apple, Google, Amazon, Facebook, Twitter and Shazam - to name a few - JioSaavn reaches more music fans across the world. Our award-winning mobile products, partnerships, innovations and thought leadership have been featured in some of the world’s leading publications, from The New York Times, to The Wall Street Journal, The Economic Times to Forbes, and many more. We are well-funded by some of the world’s most successful institutional investors and global media companies as well as a number of strategic individuals. Beyond investing, they are advisors and supporters of our vision, our passion, and our collective ability to deliver a revolutionary music experience as the leader in India.
The Information Security Officer (ISO) is accountable for ensuring appropriate controls are in place for the security of information assets. The ISO safeguards information by seeing that security risks are identified, assessed, accurately reported, and remediated. Additionally, the ISO is charged with ensuring local procedures and activities comply with all regulatory requirements and internal and parent company policies, procedures, guidelines, and standards. The ISO is the center of competence for Information Security providing an advisory services role and acting as the focal point for security compliance-related activities and responsibilities.
- Take the lead on developing, maintaining, and updating the Information Security Strategy and Information Security Program
- Diligently maintain Company’s Information Security Framework and underlying policies, procedures, standards, and guidelines
- Actively ensure appropriate administrative, physical, and technical safeguards are in place to protect the organization's information assets from internal and external threats
- Meticulously identify, introduce and implement appropriate procedures, including checks and balances are in place to test these safeguards on a regular basis
- Thoroughly conduct and complete annual reviews and audits as required engaging both internal business teams across the organization and external resources. Make sure that disaster recovery and emergency operating procedures are in place and tested on a regular basis
- Assists organization to ensure compliance to the applicable regulatory compliance requirements in the areas such as ISO: 27001, SOC II, PCI- DSS, and GDPR
- Act as the committed owner of the security incident and vulnerability management processes from design to implementation and beyond
- Passionately manage and assist in performing ongoing security monitoring of information systems including assessing information security risk through qualitative risk analysis on a regular basis, conducting functional and gap analyses to determine the extent to which key business areas and infrastructure comply with statutory and regulatory requirements as applicable, evaluating and recommending new information security technologies and counter-measures against threats to information or privacy, and developing security reports and dashboards. Work closely with the Group Information Security team to implement and maintain security standards.
- Ensure effective staff training programs are in place to increase security awareness across the company.
- Engineering Degree in Computer Science or Information Technology combined with 2 to 5 years of related experience in Cyber Security, Risk, Compliance, or Audits.
- Recognized industry certification such as CISSP, CISSLP, GIAC, CISM, ISO27001-Lead Implementer, or other security certification at a similar level
- Significant experience in applying ISO-27001 standards, and Indian regulatory and statutory security requirements (IT Act, GDPR, etc.) to business and technical environments while providing a service-oriented approach to maintain compliance.
- Proficiency in performing IT Security risk, business impact, control, and vulnerability assessments.
- Good understanding of business applications, including ERP and financial systems.
- Experience supporting security controls, compliance, and audit activity within organizations with multiple technologies and architectures; Windows, Unix/Linux, VMWare, Oracle, Citrix, SIEM, Firewall, Identity Management system, IPS/IDS, DLP, APT, and other security devices.
- Knowledge of network and server infrastructure, and the associated applications and concepts.
- Demonstrated ability to apply IT-related knowledge and experience in solving compliance issues.
- Strong project management and communication skills (written and oral) with internal organizations and external/internal auditors.
- Advanced written and verbal communication and presentation skills.
- Excellent managerial, teamwork, and client service skills and understanding of Industry security standards such as ISO 27001, PCI-DSS, ISO 31000, and NIST
- Understanding and management of the audit lifecycle
- Information Security Risk management
BENEFITS AND PERKS:
At JioSaavn, we blur work and play, and you get all the perks of a global company. You will get to work with a dynamic group of entrepreneurs, who are delivering results and working zealously to make a difference in the way the world experiences music.