Information Security Analyst (GRC)

About Us UnitedLex India Pvt Ltd(erstwhile iRunway India Pvt Ltd) is a data and professional services company delivering outcomes that create value and competitive advantage for legal and the business. Our business is anchored by a passion for innovation brought to life by a global community of diverse individuals determined to deliver on the promise of data mastery, legal acumen, and human ingenuity JOB DESCRIPTION JOB TITLE: Analyst FTH Information Security | 6 months LOCATION: Gurugram, India BUSINESS UNIT: Information Technology REQUIREMENTS & COMPETENCIES: - Bachelors degree in related field. - Hands on Knowledge on ISO 27001:2022, NIST 800-171 or SOC2 - 0-1 year of experience of working in Governance, Risk and Compliance. - Experience with the ISO 27001 security standard including performing assessments and participating in certification process is a plus - Good Communication skills (Oral and Written). - Flexibility to cover both day and nighttime shifts. - Should be able to work independently, with Internal Stakeholders, Vendors and drive the calls whenever required. - Support the annual information security certification reviews by external auditors Familiarity with various information security frameworks (e.g., NIST Cyber Security Framework, etc.) Familiarity with risk governance tools used for the risk assessment process and/or other regulatory assessments - Certified ISO 27001:2013 Lead Implementer or Certified ISO 27001:2013 Lead Auditor is a plus. - Strong time management skills. RESPONSIBILITIES: - Recommend information technology policies, standards and guidelines by evaluating the organizations outcomes, identifying problems, evaluating trends, and anticipating requirements - Reporting ISMS performance metrics and key risks to senior management - When applicable, conduct the information security risk assessment program. Review compliance with the information security policy and associated procedures and practices - Conducts initial triage of security events and incidents. - Research and educate the IS organization around specific standards and regulations that might apply to different domains while monitoring their implementation throughout the security ecosystem and provide recommendations to the relevant stakeholders. - Keep up to date with emerging security threats and alerts, emerging products, services, protocols, and standards in support of security enhancement and development efforts. - Provide technical guidance to IS teams by means of coaching and mentorship to achieve project goals to the required level of quality. - Onboard new hires, train, and share knowledge, take an active role in technical mentoring and elevating team knowledge. - Enforce quality processes (i.e. performing technical root cause analysis, outlining corrective action forgiven problems) and ensure that all the project agreed deliverables are completed to the required level of quality. - Help in coordinating InfoSec gap remediation with stakeholders e.g. with BU relation managers, External Assessors, and third parties, etc. Able to review control evidence and provide suitable suggestions to the Business Partners - Schedule, execute and document critical meeting minutes for both internal and external stakeholders (e.g. Team meetings, Operation/Calibration calls with Assessors, gap remediation calls, etc.)- Answering RFPs and security questionnaire Please refer to our Privacy Policy at UnitedLex for information,