Director - Information Security

Saviynt is an identity authority platform built to power and protect the world at work. In a world of digital transformation, where organizations are faced with increasing cyber risk but cannot afford defensive measures to slow down progress, Saviynt’s Enterprise Identity Cloud gives customers unparalleled visibility, control and intelligence to better defend against threats while empowering users with right-time, right-level access to the digital technologies and tools they need to do their best work.

Director, Information Security (Location – Bangalore) The Director, Information Security, reports to the CISO, and will oversee various functions within the Information Security team. The position is based in Bangalore.

The candidate will possess the ability to execute, scale, and continuously evolve the Info Sec function to maximize the impact and oversight across the organization. The candidate must be comfortable managing projects in a fact pace environment.  Bachelor's degree with a minimum of 15 years of experience  Possesses strong subject matter expertise in a majority of the below domains  Application Security / Cloud Security  Cyber Defense  Security Architecture  Governance Risk Compliance  Expertise in Data Privacy is a plus.  Must possess excellent communication skills, including the ability to provide excellent written and oral communications by email, presentations, and via mobile communication platforms. This role will involve facilitating discussions, briefing senior executives, and driving project-based outcomes.  Experience in client interfacing roles including supporting customer executives.  Execute on Info Sec initiatives as defined within the security roadmap, while working with the broader Information Security team and technology/product teams  Experience with incident response and analysis is a huge plus, preferably in a leadership role  Knowledge of risk management processes and requirements, including NIST RMF and NIST 800-53 Rev 5 controls  Experience assessing project and technical documentation to ensure compliance with established policies, processes, and procedures.  Knowledge of local legal and regulatory security requirements including HIPAA, FedRAMP, and GDPR/privacy is a plus  Strong stakeholder and relationship management skills  Serve as backup Governance Leader if required. Provide oversight to compliance audits, with the support of the GRC team  Develop and approve (where applicable) Policies, Standards and Procedures per the organization’s governance framework.  Establish and lead risk management activities, including identification of risk and recommended mitigations; track and manage risks and issues from identification through closure.  Conduct risk assessments, compile risk registers, and track risk remediation plans  Respond to requests from customers for information on our security measures  Support the completion of vendor security reviews. Optimize and automate security questionnaire process.  Review security clauses in customer and vendor contracts, when required  Establish, review, and enhance security training and awareness programs  Support the business with customer engagements, including attending customer calls and supporting sales teams  Security tool proficiency and hand-on experience is expected for relevant domains