JOB TITLE: SECURITY OFFICER
LOCATION: MUMBAI, INDIA
JioSaavn is South Asia’s leading music streaming service. We are over 300 entrepreneurs, across New York, California, Mumbai, Gurgaon, and Bangalore, who help music lovers access, discover, and listen to their favorite songs across languages and genres. In early 2018, a merger between JioMusic and Saavn was announced; creating a combined entity valued at over $1 billion.
We blend digital technology, data analysis (which we have affectionately coined Music Science), and a strong, fearless business acumen to reach all corners of the globe. Through partnerships with Apple, Google, Amazon, Facebook, Twitter and Shazam - to name a few - JioSaavn reaches more music fans across the world. Our award-winning mobile products, partnerships, innovations and thought leadership have been featured in some of the world’s leading publications, from The New York Times, to The Wall Street Journal, The Economic Times to Forbes, and many more. We are well-funded by some of the world’s most successful institutional investors and global media companies as well as a number of strategic individuals. Beyond investing, they are advisors and supporters of our vision, our passion, and our collective ability to deliver a revolutionary music experience as the leader in India.
At JioSaavn, we ignite passion and performance to work towards a collective goal: creating the perfect mobile entertainment ecosystem that delivers the best possible music experience to millions of listeners around the world. Our default mode is that of perpetual innovation. Together, we form a concerted rhythm that goes beyond borders. We don't just go with the flow, we create it.
JioSaavn offers a dynamic and unconventional work environment, full of fun wholesome experiences – from in-office performances by some of the world’s most beloved musicians to opportunities for international travel. We believe creativity and technology blend together like sweet melodies. When you choose JioSaavn, you join a diverse world of high-calibre techies, artists, and inventors hailing from companies like Yahoo!, Twitter, LinkedIn, Google, Qualcomm, HBO, Microsoft, Flipkart, Amazon, Paytm, Quikr, MSN, and NDTV. We are one of the few digital companies to provide employment opportunities that meet the Silicon Valley benchmark – right here in Mumbai! Figures, since we’ve got Silicon Valley covered, too.
Our value-based, people-first work culture is about empowering every individual in our global team to be catalysts for change in this dynamic digital world. Every day is an opportunity to bring your vision to life, and to expand, learn and grow. No idea is left unconsidered. No voice is left unheard.
With listeners speaking multiple languages in almost every country in the world, we like to think we have the most diverse user base on the planet. This has only been made possible because of the value we place on radical inclusivity in our offices across the globe. We believe different is wonderful, and what sets us apart is also what brings us closer. JioSaavn prides itself on being an equal opportunity employer. We have committed ourselves to creating a safe environment with fair and equal access and opportunities, sans discrimination. We encourage everyone to be open to experiences and perspectives beyond their normal; divergent thinkers create differentiated products, and even better music.
If our vibe matches with yours, we'd love to hear from you.
The Information Security Officer (ISO) is accountable for ensuring appropriate controls are in place for the security of information assets. The ISO safeguards information by seeing that security risks are identified, assessed, accurately reported and remediated. Additionally, the ISO is charged with ensuring local procedures and activities comply with all regulatory requirements and internal and parent company policies, procedures, guidelines and standards. The ISO is the center of competence for Information Security providing an advisory services role and acting as the focal point for security compliance related activities and responsibilities.
- Take the lead on developing, maintaining and updating the Information Security Strategy and Information Security Program
- Diligently maintain Company’s Information Security Framework and underlying policies, procedures, standards and guidelines
- Actively ensure appropriate administrative, physical and technical safeguards are in place to protect organization's information assets from internal and external threats
- Meticulously identify, introduce and implement appropriate procedures, including checks and balances, are in place to test these safeguards on a regular basis
- Thoroughly conduct and complete annual reviews and audits as required engaging both internal business teams across the organization and external resources. Make sure that disaster recovery and emergency operating procedures are in place and tested on a regular basis
- Assists organization to ensure compliance to the applicable regulatory compliance requirements in the areas such as ISO: 27001, SOC II, PCI- DSS, and GDPR
- Act as the committed owner of the security incident and vulnerability management processes from design to implementation and beyond
- Passionately manage and assist in performing on-going security monitoring of information systems including assessing information security risk through qualitative risk analysis on a regular basis, conducting functional and gap analyses to determine the extent to which key business areas and infrastructure comply with statutory and regulatory requirements as applicable, evaluating and recommending new information security technologies and counter-measures against threats to information or privacy, and developing security reports and dashboards. Work closely with Group Information Security team to implement and maintain security standards.
- Ensure effective staff training programs are in place to increase security awareness across the company.
- Significant experience in applying ISO-27001 standards, and Indian regulatory and statutory security requirements (IT Act, GDPR etc.) to business and technical environments while providing a service oriented approach to maintain compliance.
- Proficiency in performing IT Security risk, business impact, control and vulnerability assessments.Good understanding of business applications, including ERP and financial systems.
- Experience supporting security controls, compliance and audit activity within organization with multiple technologies and architectures; Windows, Unix/Linux, VMWare, Oracle, Citrix, SIEM, Firewall, Identity Management system, IPS/IDS, DLP, APT and other security devices.Knowledge of network and server infrastructure, and the associated applications and concepts.
- Demonstrated ability to apply IT-related knowledge and experience in solving compliance issues.
- Strong project management and communication skills (written and oral) with internal organizations and external/internal auditors.Advanced written and verbal communication and presentation skills
- Excellent managerial, teamwork and client service skillsUnderstanding of Industry security standards such as ISO 27001, PCI-DSS, ISO 31000, NISTUnderstanding and management of audit lifecycleInformation Security Risk management
• Engineering Degree in Computer Science or Information Technology combined with 8 to 10 years of related experience in Cyber Security, Risk, Compliance or Audits
• Recognized industry certification such as CISSP, CISSLP, GIAC, CISM, ISO27001-Lead Implementer or other security certification at a similar level