Lead - Compliance Information Security

Zenoti, India

Experience: 1 Year
Salary: 0 - 0
Job Type:
Job Shift:
Job Category:
Traveling: No
Career Level:
Telecommute: No
Qualification: As mentioned in job details
Total Vacancies: 1 Job
Posted on: Mar 6, 2021
Last Date: Apr 6, 2021
Location(s):

Job Description

Hey, you want to look and feel your best, right? Well, we’ve got good news for you.

Yoga and meditation studios, health and fitness facilities, beauty parlors, and spa retreats are stepping up worldwide to help you uncover the greatest version of yourself. But a rapidly blossoming wellness industry needs some world-class business management software to go with it. A one-stop solution to take care of all business aspects, letting wellness providers uncover the greatest version of themselves.

Enter Zenoti.

At Zenoti, we believe in the greatness in everyone; it’s our raison d’être. That’s why we came up with an all-in-one cloud-based solution that allows salons, spas, and medspas to focus on elevating guest experiences while we take care of the details. Why each Zenotian is empowered to achieve greatness and love every minute of it. And why we infuse our youthful spirit and an abundance of passion into all we do.

Already a leader in SaaS solutions for wellness companies, we’ve got some big-name American and European brands under our belt. To name a few, Zenoti powers Lakme, O2 Spa, Mario Tricoci, Truefit & Hill, MGM Resorts, Bellagio, Sonobello, and Massage Heights. With over 10,000 clients in more than 32 countries, we’re set to transform how the wellness industry does business within the next few years and loving every minute of it!

While we’re small on ego, we’re big on excellence and can’t resist a humblebrag. We captured the 170th spot in North America on Deloitte’s Technology Fast 500 list. Franchisee India deemed us fit for the Best Technology Supplier for Salon / Spa for 2019 award. And we’d be remiss if we didn’t mention our 300+ new clients last year or the new brand we unveiled. OK, that’s a few humblebrags but we hope you’ll understand and share our excitement.

Want to join us on this incredible journey? Connect with us at https://www.zenoti.com and find out how to unleash your inner greatness.

Our products are built on Windows .NET and SQL Server and managed in AWS. Our web UX stack is built on jQuery, and some areas use AngularJS. Our middle tier is in C#, and we build our infrastructure on an extensive set of RESTful APIs. We build native iOS and Android apps, and are starting to experiment with Flutter and Dart. For select infrastructure components we use Python extensively, and we use Tableau for analytics dashboards. We use Redshift, Aurora, Redis ElastiCache, Lambda, and other AWS products to build and manage our complete service, moving towards serverless components. We deal with billions of API calls, millions of database records, and terabytes of data, and all the services we build have to run 24x7 at 99.99% availability.

Requirements

What will I be doing?

  • Define, implement, and manage contractual certification requirements like SOC 1, SOC 2, ISO 27001, Privacy (GDPR, CCPA, ISO 27701), HIPAA, and PCI DSS
  • Plan and conduct internal reviews and audits in line with SOC 1, SOC 2, ISO 27001, Privacy (GDPR, CCPA, ISO 27701), HIPAA, and PCI DSS
  • Serve as a subject matter expert on at least 3 of the above standards/frameworks
  • Assist internal stakeholders; work with control owners throughout the company on the process and documentation that supports compliance requirements
  • Define, implement, and manage policies, procedures, processes, and controls
  • Assess design effectiveness, continually monitor operating effectiveness of controls, conduct vendor risk assessments, track and monitor risk treatment plans, coordinate with the various business functions on BCP testing, and perform Privacy Impact Assessments and Business Impact Analysis
  • Perform security incident management and reporting, including RCA
  • Properly document the audit process (including evidence gathered), and ensure all audit issues are tracked to closure with proper RCA. Ensure all stakeholders have the necessary understanding and acceptance of audit issues

What skills do I need?

  • At least 7 years of relevant and direct hands-on experience in implementing, auditing, and managing certifications like SOC 1, SOC 2, ISO 27001, Privacy (GDPR, CCPA, ISO 27701), HIPAA, and PCI DSS
  • Subject matter expertise on at least 3 of the above-mentioned standards/frameworks
  • Work as an Individual Contributor
  • Experience in risk assessment methodologies; ability to perform vendor risk assessments
  • Ability to perform Privacy Impact Assessments and Business Impact Analysis
  • Experience in performing Incident Management and Reporting including RCA
  • Be proactive, organized, analytical, detail-oriented, and persistent
  • Certification preferred: CISA, CISM, CISSP, CIPP/E
  • Previous experience in a product SaaS company is an advantage

Benefits

  • You will receive a competit

Zenoti

Information Technology and Services - Manchester, United Kingdom