Information Security Auditor

The Information Security Auditor will work across the organization to ensure Nextivas compliance with global security and privacy regulations. This will be achieved by establishing strong working relationships with system and control owners and applying knowledge of IT infrastructure to develop security policies and procedures monitor compliance and remediation efforts conduct internal audits and support external audits. Monitoring and assessments will include periodic reviews of user access firewall configuration and vendors. The auditor will also perform periodic internal security and privacy compliance audits document and report gaps and non-conformities and lead remediation efforts with internal teams. The auditor will support external audits by working with internal teams to collect control evidence and manage the audits to achieve compliance.

Key Responsibilities:

• Assess compliance of the organization to industry standards security frameworks and privacy regulations
• Review and update security and privacy policies and procedures to ensure consistency with new and evolving requirements
• Plan and conduct internal audits of the design and effectiveness of the organizations security and privacy controls policies processes and procedures
• Document audit findings identify and report gaps and risks in controls and lead remediation efforts
• Support external audits by working with the auditor and internal asset process and control owners to gather and submit evidence for compliance
• Keep up to date with changes in security frameworks regulatory changes and commercial requirements that affect the organizations compliance including all countries where Nextiva provides or intends to provide service
• Work with product development teams infrastructure and other parts of the organization to define policies and procedures implement remediation plans and monitor compliance
• Effectively use available AI tools to plan and conduct audits develop policies and procedures and document audits
• Perform other duties to support the security and compliance of the organization as required
• Comply with organization information security policies

Qualifications:

• Bachelors degree in an IT related field or equivalent experience and 2-5 years of experience in working in IT security software development or IT or information security audit
• Strong knowledge of IT infrastructure and networking including data center infrastructure cloud infrastructure (GCP and AWS) IP networking firewalls IDS/IPS and endpoint security tools backup and recovery identity and access management application security and SIEM tools
• Understanding of security and privacy frameworks and regulations including SOC 2 ISO-27001 UK Cyber Essentials NIST NIS2 HITRUST PCI-DSS HIPAA GDPR and CPRA
• Desired certifications one or more of the following: CISSP (Certified Information Systems Security Professional) Certified Information Security Manager (CISM) SSCP (Systems Security Certified Practitioner) CCSP (Certified Cloud Security Professional) or CompTIA Security
• Flexibility to work extended hours and off-hours to support global project teams

Competencies:

• Strong analytical problem-solving skills and attention to detail
• Organization Time Management & Prioritization - Self-starter that focuses on key priorities; plans organizes schedules and executes on tasks and projects in an efficient and productive manner
• Ability to form productive relationships across the organization to accomplish information security objectives
• Ability and willingness to learn all aspects of the information security field
• Professional verbal and written communication skills in English
• Expresses ideas using clear effective and efficient language. Listens patiently and attentively. Adapts to the purpose of communication with appropriate style substance detail confidence and channel. Possess the ability to manage multiple channels of communication simultaneously; phone email tickets and chat
• Able to assess document and prioritize identified security control gaps and vulnerabilities based on risk

Nextiva DNA (Core Competencies)

Nextivas most successful team members share common traits and behaviors:

• Drives Results:Action-oriented with a passion for solving problems. They bring clarity and simplicity to ambiguous situations challenge the status quo and ask what can be done differently. They lead and drive change celebrating success to build more success.
• Critical Thinker: Understands the why and identifies key drivers learning from the past. They are fact-based and data-driven forward-thinking and see problems a few steps ahead. They provide options recommendations and actions understanding risks and dependencies.
• Right Attitude: They are team-oriented collaborative competitive and hate losing. They are resilient able to bounce back from setbacks zoom in and out and get in the trenches to help solve important problems. They cultivate a culture of service learning support and respect caring for customers and teams.

Total Rewards

Our Total Rewards offerings are designed to allow our employees to take care of themselves and their families so they can be their best in and out of the office.

Our compensation packages are tailored to each role and candidates qualifications. We consider a wide range of factors including skills experience training and certifications when determining compensation. We aim to offer competitive salaries or wages that reflect the value you bring to our team. Depending on the position compensation may include base salary and/or hourly wages incentives or bonuses.

• Medical - Medical insurance coverage is available for employees their spouse and up to two dependent children with a limit of 500000 INR as well as their parents or in-laws for up to 300000 INR. This comprehensive coverage ensures that essential healthcare needs are met for the entire family unit providing peace of mind and security in times of medical necessity.
• Group Term & Group Personal Accident Insurance - Provides insurance coverage against the risk of death / injury during the policy period sustained due to an accident caused by violent visible & external means.
  • Coverage Type - Employee Only
  • Sum Insured - 3 times of annual CTC with minimum cap of INR
  • Free Cover Limit - 1.5 Crore
• Work-Life Balance - 15 days of Privilege leaves per calendar year 6 days of Paid Sick leave per calendar year 6 days of Casual leave per calendar year. Paid 26 weeks of Maternity leaves 1 week of Paternity leave a day off on your Birthday and paid holidays
• Financial Security - Provident Fund & Gratuity
• Wellness - Employee Assistance Program and comprehensive wellness initiatives
• Growth - Access to ongoing learning and development opportunities and career advancement

At Nextiva were committed to supporting our employees health well-being and professional growth. Join us and build a rewarding career!

#LI-RQ1 #LI-Hybrid