Employment Type: Full-time
Team: Information Security
With unmatched technology and category-defining innovation, Icertis pushes the
boundaries of what’s possible with contract lifecycle management (CLM). The
AI-powered, analyst-validated Icertis Contract Intelligence (ICI) platform
turns contracts from static documents into strategic advantage by structuring
and connecting the critical contract information that defines how an
organization runs. Today, the world’s most iconic brands and disruptive
innovators trust Icertis to fully realize the intent of their combined 7.5
million+ contracts worth more than $1 trillion, in 40+ languages and 90+
**Who we are: **Icertis is the only contract intelligence platform
companies trust to keep them out in front, now and in the future. Our
unwavering commitment to contract intelligence is grounded in our FORTE
values—Fairness, Openness, Respect, Teamwork and Execution—which guide all our
interactions with employees, customers, partners and stakeholders. Because in
our mission to be the contract intelligence platform of the world, we believe
how we get there is as important as the destination
Icertis is looking Sr, Information security Audit and compliance analyst who
will be part of Compliance team and working closely with Compliance manager on
various Audit and compliance initiatives.
- Planning, organizing and performing (ISO27001) internal audits and handling the audit end to end
- Coordinate with various departments such as HR, IT, Cloud Ops, Professional Services, CS for various audits and actions item
- Frond end customer audits, and follow end to end life cycle of customer’s audit engagements
- Exposure to performing Information security risk management and issues management
- Understand all technical evidence and ability to correlate
- Filling up audit assessment and third-party risk assessment questionnaire
- Scale-up and engage in other audits such as FedRAMP, GDPR, SOC, HIPAA and various other compliances
- Assisting with testing of the BCP and tracking actions.
- Following upon pending action from all various audits publishing monthly dashboard
- Creating policy and procedure documentation as needed
- Assisting with the support & ongoing maintenance of the ISO27001 ISMS certification.
- Assisting with tracking and investigating information security incidents and help create RCA
- Review of policies and procedures by co ordinating with various stakeholders
- Keeping Information Security training records up to date by regular follow-ups and publishing the dashboards. Take complete ownership
- ISO 27001 artifacts maintenance by coordination and follow up with various departments
- Preparing various dashboards and artifact collection and maintenance.
- Publishing monthly dashboard of Training records, Pending Audit action points, Risk and Issues
- Act as compliance point of contact and be available during RFP discussions for any compliance-related queries.
- Experience: 5-7 years
- Proven experience in Cloud based compliance engagements.
- Hands on experience and exposure to Cloud environment
- Experience of working on Azure administration, O365 set up, exposure Azure Security governance
- Worked on a SAAS organization audit and has good understanding of Cloud infrastructure management
- Understands Application and infrastructure security at a high level
- Knowledgeon Cloud computing technology is a MUST requirement
- Proven experience in IT Audit and handing various audits
- Very good knowledge of Excel for dashboard preparations
- Understanding of ISO27001. ISO 27017 and 27018 certification audit requirements.
- ISO 27001 Information security management
- Working knowledge of SOC, GDPR
- Proven experience of handling customer audit
- Proven experience of third-party assessments
- Basic knowledge of SharePoint
- Degree qualified or equivalent experience
- Information security related certification. Understanding of ISO 27001 certification audit requirement is mandatory
- BE/BS or MS degree from a reputed university
- This job is available on LinkedIn #LI-MS #LI-Remote
- ISO 27001 LA or CISA /CISSP/CISM (Must)
- Cloud security related certifications such as CCSK
- Other Cloud administration related certification
Icertis, Inc. provides Equal Employment Opportunity to all employees and
applicants for employment without regard to race, color, religion, gender
identity or expression, sex, sexual orientation, national origin, age,
disability, genetic information, marital status, amnesty, or status as a
covered veteran in accordance with applicable federal, state and local laws.
Icertis, Inc. complies with applicable state and local laws governing non-
discrimination in employment in every location in which the company has
Icertis is not open to third party solicitation or resumes for our posted FTE
positions. Resumes received from third party agencies that are unsolicited
will be considered complimentary.
If you are in need of accommodation or special assistance to navigate our
website or to complete your application, please send an e-mail with your
request to email@example.com
By submitting your application you acknowledge that you have read Icertis’s