Job Brief:
You'll be joining Mindtickle’s InfoSec and Compliance team, which is responsible for various functions related to Security, Privacy, and Compliance around Mindtickle's rapidly growing cloud platform. You'll play a crucial role in all our compliance & information security initiatives, including but not limited to those arising from regulations (e.g., GDPR, CCPA, UK DPA 2018, FINRA), audit requirements (e.g., SOC 2, HIPAA), and customer/ prospects requests (typically large enterprises).
As Data Privacy & Compliance Manager, you will champion the highest data privacy standards and drive forward compliance across all of Mindtickle. Crucial to this role will be an expert knowledge of international data protection laws and a proactive and pragmatic approach towards data privacy and compliance.
Key Responsibilities:
-
Act as the single point of contact for all privacy-related topics, including communication with customers and prospects, including RFPs, emails, or privacy calls
-
Closely working with the internal legal team and external legal counsel to support the review of third parties/customer data processing addendums (DPAs), standard contractual clauses, contracts, and other data protection agreements
-
Maintain the data protection terms agreed with customers in a contract management software
-
Perform due diligence of new third parties and periodic risk review of existing third parties, including processes around sub-processors
-
Support in other industry compliance projects such as ADA, Section 508, WCAG, FINRA, 21 CFR Part 11, etc.
-
Lead the assessment of new legislation or other regulatory changes (GDPR, CCPA, UK DPA 2018, LGPD, PIPEDA, Swiss FDAP) and make recommendations as necessary to ensure that risks are mitigated as well as ongoing compliance
-
To work flexibly and collaboratively across all teams in the organization while driving privacy & compliance-related projects, including sales, customer success, product, and engineering
-
Own internal and external privacy audit projects, including planning, scoping, need analysis, ongoing project management, and communications with all relevant stakeholders
-
Onboard privacy solutions, design, build and deploy data privacy programs on the solutions to ensure compliance with privacy requirements
-
Maintain Records of Processing Activities (ROPA) and ensure Privacy By Design for new features/changes in the platform
-
Undertake all other reasonable and related tasks associated with this role
Desired Qualification:
-
5-10 years of experience in data privacy and compliance, with exposure to cloud software platforms
-
Extensive experience in data protection and knowledge of relevant legislation, including GDPR, Standard Contractual Clauses, Transfer Impact Assessment, CCPA, UK DPA 2018, LGPD, PIPEDA, Swiss FDAP, etc.
-
Certifications such as CIPP/E, CIPP/US, CIPM, CIPT, etc., are preferred
-
Specialist knowledge in a relevant area, e.g., data security and individual rights requests
-
Excellent communication, interpersonal, project management, and issue resolution skills
-
Excellent analytical skills, organizational skills, ingenuity, and the ability to work as part of a team
-
Experience in managing privacy audits and risk management processes
-
Demonstrated ability to learn quickly, take the initiative, and drive complex projects
About MindTickle
MindTickle is a sales readiness platform for onboarding, product training, coaching and ongoing readiness, that helps fast growing companies to prepare their sales teams and partners in a scalable and effective way. MindTickle has proven success in reducing ramp-up times for new sales reps and increasing the productivity of the entire sales team.
The vision at Mindtickle is to build a platform to simplify the work of customer-facing employees. A testament to this vision of #SalesReadiness is our recent funding from Softbank Group Corp valuing us $1.2B. With 200+ enterprise customers ranging from pre-IPO companies to fortune 2000s, we could not have asked for more.
Now as this rocketship shifts gears to scale, we are looking for talented & sincere product folks to join our team. Oh! you might have questions on our work culture, do visit our Glassdoor page and read why we have a 4.8 rating.
Similar jobs
Roles and Responsibilities:
- To Maintain the required uptime for Azure Cloud and IT Infrastructure.
- To provide earliest resolution of the reported issues, which may include but not limited to cloud &
- end user related issues.
- Configuring and managing the alerts through Nagios, which may include but not limited to
- scripting knowledge.
- Linux and Windows Server administration.
- Managing Firewalls and Domain Controllers.
- Timely delivery of the assigned tasks.
Requirements:
- Having relevant experience of 3-8 yrs.
- Sound knowledge of Linux & Windows System administration
- Good Hands-on experience on Cloud-AWS/Azure ( Willing to work on Azure Cloud )
- Good knowledge of networking, firewall & domain controller
- Basic knowledge of DevOps/Scripting
- Owning accountability and responsibility for end-to-end tasks
About Company:
GEVME is a Singapore based fast growing leading virtual & hybrid event and engagement platform for building unique experiences. It is used by event professionals worldwide to build, operate and monetise virtual events for some of the biggest brands. The flexibility of the platform provides them with limitless possibilities to turn any virtual event idea into reality. We have already powered hundreds of thousands of events around the world for clients like Facebook, Netflix, Starbucks, Forbes, MasterCard, Singapore Government.
We are a product company with a strong engineering and family culture; we are always looking for new ways to enhance the event experience and empower efficient event management. We’re on a mission to groom the next generation of event technology thought leaders as we grow.
Job Description
We are looking for a Junior SecOps Engineer who has at least 1 year of relevant experience to join our Security team. A keen attention to detail, problem-solving abilities, and a solid knowledge base are essential.
Location - Work from home (Remote) full time
Responsibilities
Security Operations
- Cross-team support: Work with multiple Product and Engineering teams to find ways to improve the supportability, and products, and interact with our Security teams to drive high-quality production.
- Architecting and implementing enterprise-level security solutions.
- Full end-to-end security assurance activities including Vulnerability Assessments (pre-production, post-production) in order to identify areas of risk and ensure any gaps are documented and remediated.
- Supplement Cloud monitoring tool(s) by adding new capabilities, security checks, and automation using the tool's extension capabilities and/or the SDK/API.
- Provide threat modeling and risk assessment services to characterize the risk and severity posture of various systems and components in the Cloud environment.
- Run Cloud Continuous Monitoring reporting/metrics governing all security compliance/hygiene issues across the entire Cloud ecosystem.
- Run and operate Breach and Attack Simulation (BAS) platform(s) to continually simulate, validate, and remediate potential attackers' paths to critical Cloud assets.
- Support the implementation of Infrastructure as Code (IaC) security checks as part of the end-to-end Cloud Service enablement work stream.
- Vulnerability and Threat Management (VTM) - Monitoring and Assessment, in the container space.
- Develop and Deploy security guardrails through reusable patterns using a standardized development framework.
- Issue management and follow-up: Develop an understanding of AWS’ product technology and underlying architectures by troubleshooting, reproducing, and determining the root cause of our issues; build tools for faster diagnosis.
- Security Development and Administration: evaluate new cybersecurity applications or tools, rules/signatures, access controls, and configurations of cybersecurity platforms.
Audit & Compliance
- Managing the Information Security Management System (ISMS) according to the ISO/IEC 27001:2013 certification processes including the Information Security policies, procedures, guidelines and audit.
- Participation in the risk analysis process in the role of a technical expert.
- Update process documentation.
- Support auditors and provide articles of evidence as needed, review audit reports, implement or support the implementation of necessary remediations.
Requirements:
- Bachelor's degree in Engineering, Information Technology, Computer Science or a related field.
- Strong understanding of Zero Trust.
- Strong understanding of OWASP Top 10 Vulnerabilities.
- Strong understanding of IS27001 and GDPR.
- Experience in large-scale, secure, and high availability solutions in AWS.
- Strong understanding of different VAPT methodologies and tools used.
- Strong general programming experience in Python or Java to write automation scripts.
- Very Good understanding of containerization technologies such as Docker.
- Excellent written and verbal communication skills.
- Strong interpersonal, team building, and mentoring skills.
- Strong understanding of AWS concepts such as IAM, networking (shared VPC's), running VM based workloads and container (ECS) based workloads.
- An accomplished understanding of security principles and other associated controls and features in AWS
- Technical writing, experience in preparing and presenting technical material to a variety of audiences.
- Experience in working in, and with, Agile delivery teams.
- Industry-accredited certifications will definitely be a plus.
- Extensive experience in designing, building & supporting Azure Managed Services Operations.
- Good understanding of Azure IaaS and PaaS services (Azure VMs, App Service, VM Scale set, Storage, Web App, Function App, Logic App, SQL instance, Data factory, Key vault, API management service etc.).
- Good understanding of Azure networking, vNet, NSG, various load balancing services, VPN, Express Route and firewalls in cloud environment.
- Knowledge on Cloud Adoption Framework.
- Hands on Experience in migration of various workloads to Azure from on-prem sources like VMware, Hyper-V, Physical Servers and from other Clouds.
- Knowledge of Azure Backups and ASR (Azure Site Recovery).
- Strong Knowledge on Containerization and Orchestration (Docker, Kubernetes, AKS).
- Powershell Scripting, Azure CLI, ARM templates writing, setup automation for resources provisioning and other IaC tools like terraform, Ansible is an added advantage.
- Knowledge on Azure automation and Automation Desire State Configuration.
- Knowledge on Azure Devops or GIT Actions on CI/CD pipeline configuration.
- Strong experience in configuring, maintaining, and troubleshooting Microsoft based production systems.
- Aspire to learn and be able to pick up latest technical advances in Azure and be able to implement it.
- Certificate on Azure Administrator & Azure Architect has added advantage.
i. Technology Graduate with 8+ years of experience in the IT industry & Information Security / Cyber Security
iii. Provide Security Vision & Strategy to the Organization, strategic direction, development, and implementation of information security programs and projects to address risks relevant to the attainment of organizational strategic goals.
iv. Experience in advising leadership team regarding Security Technology Land scape, product issues, and possible improvements
v. Expertise in providing executive roadmaps for continual improvement in teams, technology, and processes, process across various security & DevSecops teams
vi. Experienced in Information Security Risk Management, gap analyses, Audits.
vii. Hands-on Experience in formulating Cyber Security Policies, Design and implementation of Security Technologies, DevSecOps.
viii. Working Knowledge in implementation of Cyber Security Solution in Open Source, OpenStack environment.
ix. Ability to provide strategies to increase the ability to withstand cyber-attacks, as measured by annual sophisticated attack simulations.
x. Experience in upgrading, troubleshooting and tuning of Cyber Security Solutions, SOC Operations.
xi. Thorough understanding and good knowledge latest Cyber Security technologies, Security Architectures, vulnerabilities, security threats.
xii. Expertise in Test-Driven Development and establishing a DevSecOps practice. Multiple product launches under your belt - from design to launch, having played a key role in their success
xiii. Ability to setup PoC for latest security solutions
xiv. Good understanding of Open Source Technologies, Private Cloud Technologies.
Are you looking for a promising career with a well known ed-tech brand, which is looking to make life easier for kids and parents to understand basic concepts of learning? Then read on.
Our client aspires for equity in education along with profound, measurable societal impact. The company provides learning solutions such as digitalized educational contents, English speaking, school infrastructure, improvement and management solutions etc. for a spectrum of audiences ranging from children in schools and informal setting, to teachers, adults, and corporate. They've created significant reach and impact at scale; through their presence across 32 States and Union Territories and 478 districts of India, in 36,000 schools and with a network of around 300 Institutes of Skills, and 100 industrial clusters, they directly impact 15 million people on a daily basis.
Globally, they deliver programmes in 17 countries of Africa, Middle East and South East Asia. As catalysts, they facilitate education to transform and create a sustainable impact. They improve the quality, reach and delivery of education to the masses using pedagogy and technology. Their partnerships with the government, educational institutions, and international agencies ensure maximum reach and hence, impact.
- Troubleshooting Network and Internet Issues for Clients.
- Fixing Software and Drivers on Client Systems.
- Understanding of Settings and Control Panel Options.
- Fixing Issues in Device Manager and External Devices.
- Understanding Latest Privacy Settings and Access Control in Devices
What you need to have:
- Graduate with diploma in Computer Hardware and Networking having 2 years of working experience in the required field
- Adept at technology to troubleshoot and ensure smooth online class experience.
- Active listening skills, patience, and detailed obsession to maintain call logs.
- Should understand the Digital Learning Products landscape, and partner ecosystem.
- Excellent oral communication skills in English with a passion to resolve customer queries successfully and quickly
- Understanding Operating Systems like Windows 7,8,10 and macOS.
Responsibilities:
The Senior Information Security Engineer is responsible for the implementation, execution and maintenance of technology solutions to mitigate risk, to protect the IT and Engineering environments by reducing the probability of, and to minimize the effects of, damage caused by malware, malicious activities and security events.
The individual will help protect the company by deploying, tuning, and managing security tools across the computing environment, as well as provide security incident response cycle support. They should have a passion and skills for identifying the latest cyber threats. The individual will:
Basic Qualifications
- Working knowledge of infrastructure-as-code and CI/CD pipelines tools (i.e. Jenkins, Teamcity, CircleCI etc..)
- Lead and participate in major day-to-day operational aspects of the security engineering team including improvement of current security controls while constantly identifying areas of needed improvement
- Deep hands-on security experience with cloud providers, such as AWS, GCP, Azure
- Understanding of automated security testing approaches and tools
- Experience with proactive integration of security into the development process
- Lead continuous improvement efforts of out security tools and systems (Concertation on SIEM, IDS, EDR Tools)
- Work with our customers (Security Operations, Incident Response, and Product teams) to incorporate high quality security alerting into their operational workflows
- Improve overall security practitioner efficiency through process automation
- Foster and promote collaboration among all members of the IT, Infrastructure, and Risk Management Departments.
Minimum Qualifications/Requirements
- BS or MS in Computer Science or related field
- Minimum 7+ years of cybersecurity experience
- Must have previous experience performing threat hunting and incident response duties using SIEM tools, cybersecurity management consoles, and ticketing systems
- Experience in deployment, development, and maintenance of SIEM
- Experience writing and using Ansible server administration scripts, and create simple Python, BASH, or Powershell scripts to automate cybersecurity functions
- Scripting experience to automate security operations, alerting, and compliance checks, CI/CD design, deployment, and management
- Experience with managing endpoint response and detection infrastructure and endpoints at the enterprise level, including performing upgrades to the back end application and deploying new agent versions to endpoints
- Understanding the investigative process and performing triage for cybersecurity incidents
- Experience maintaining industry leading security technologies or infrastructure systems in complex technical IT operations environment
- Must be detail-oriented and organized with ability to handle competing demands while meeting deadlines
- Experience in authentication protocols and frameworks to include OAuth, and AWS IAM
- Proactive and motivated; team player with a positive can-do attitude
- Strong analytical/problem-solving skills and cross-functional knowledge across multiple IT operational and security disciplines
- Ability to communicate technical concepts to a broad range of technical and non-technical staff
- Must possess a high degree of integrity, be trustworthy, and have the ability to lead and inspire change
- 8+ years of experience in software development
- 4+ years of recent hands-on experience in architecting and building complex solutions that run in SaaS/PaaS environments, especially on AWS cloud leveraging SaaS based Microservices development coupled with Distributed Caching & Message Queuing.
- Should have experience in developing solution architecture and/or evaluate architectural alternatives for private, public and hybrid cloud models, including IaaS, PaaS, and other cloud services
- Should have excellent knowledge of cloud architecture and implementation features (OS, multi-tenancy, virtualization, orchestration, elastic scalability)
- Should have experience with Full Stack development with experience in technology stacks/frameworks like JAVA, Springboot, Python, Redis, SQL, NoSQL and Graph DBs
- Good to have Architected solutions that handle Big Data and should be proficient in data analytics
- Must have Expert level proficiency in Design / Architectural patterns, data structures and algorithms
- Must demonstrate knowledge of DevOps tool chains and processes
- Experience in web-based application migration from on-premise to SaaS model is a big plus.
- Experience of Integration patterns and associated best practice(e.g. Web Services, REST API's, Pub/Sub, MOM)
- Excellent knowledge and hands-on experience in Web services related, functionally decomposed architecture, Load Balancing of Web Services and applications, designing multi-tenant systems, Clustering and sharding of data, microservices architecture / design patterns, and throttling and performance management of such services
The local and home services industry is very fragmented and unorganized. Prior to Urban Company, hiring a plumber, beautician, yoga trainer, math tutor etc. was a painful process. There were no standards, no concept of trust, pricing inefficiencies etc. In a nutshell, the industry was shackled in the “yellow pages” era, and had seen no fundamental innovation for far too long.
The Urban Company team is young and passionate, and we see a massive disruption opportunity in his industry. By leveraging technology, and a set of simple yet powerful processes, we wish to build a platform that can organize the world of services - and bring them to your finger-tips. We believe there is immense value (akin to serendipity) in bringing together customers and professionals looking for each other. In the process, we hope to impact the lives of millions of service entrepreneurs, and transform service commerce they way Amazon transformed product commerce.
Why are we building Urbancomapny?
Organized service commerce is a large yet young industry in India. While India is a very large market for a home and local services (~USD 50 Billion in retail spends) and expected to double in the next 5 years, there is no billion-dollar company in this segment today.
The industry is bare ~20 years old, with a sub-optimal market architecture typical of an unorganized market - fragmented supply side operated by middlemen. As a result, experiences are broken for both customers and service professionals, each largely relying upon word of mouth to discover the other. The industry can easily be 1.5-2x larger than it is today if the frictions in user and professional's journeys are removed - and the experiences made more meaningful and joyful.
The Urban Company team is young and passionate, and we see a massive disruption opportunity in his industry. By leveraging technology, and a set of simple yet powerful processes, we wish to build a platform that can organize the world of services - and bring them to your finger-tips. We believe there is immense value (akin to serendipity) in bringing together customers and professionals looking for each other. In the process, we hope to impact the lives of millions of service entrepreneurs, and transform service commerce they way Amazon transformed product commerce.
Job Description :
Urbancompany has grown 3x YOY and so as our tech stack. We have evolved in data-driven approach solving for products over the last few years. We deal with around 10TB in data analytics with around 50Mn/day. We adopted platform thinking pretty at the very early stage of UC. We started building central platform teams who are dedicated solve for core engineering problems around a 2-3 years ago and now it has evolved to a full-fledged vertical. Out platform vertical majorly includes Data Engineering, Service and Core Platform, Infrastructure and Security. We are looking for Security Engineers to build security vertical from scratch. Person who loves hacking, standardisation, have strong knowledge and hands-on experience around building security platform and dictating strong security practices will be an ideal fit here.
Job Responsibilities
- Working on complex design and architectural problems.
- Solving security vulnerabilities and building highly insightful security platform
- Experience in conducting VAPT and handle data security
- Visioning out the roadmap and thought process behind taking current security loopholes and plan to take it to next level
- Building and maintaining the high NPS of 70% of Urbancomapny security
- Strong decision-maker with hands-on experience around coding
- Think about abstractions, systems, and services and write high-quality code.
- Think through complex architecture to build robust platforms to solve for security loopholes, automation and protection
Job Requirements
- A thinker with strong opinions and ability to get those opinions into reality
- Prior experience of creating complex systems in the past.
- Ability to build scalable, sustainable, reliable, and secure products based on past experience.
- Ability to bring new practices, architectural choices, and new initiatives onto the table to make the overall tech stack more robust.
- History and familiarity with server-side architecture based on APIs, databases, infrastructure, and systems.
- Ability to own the technical road map for systems/components.
What can you expect?
- A phenomenal work environment, with massive ownership and growth opportunities.
- A high performance, high velocity environment at the cutting edge of growth.
- Strong ownership expectation and freedom to fail.
- Quick iterations and deployments – fail-fast attitude.
- Opportunity to work on cutting edge technologies.
- Massive, and direct impact of the work you do on lives of people.
- Having the skin in the game with lucrative ESOPs
Why are we building UrbanClap?
The local and home services industry is very fragmented and unorganized. Prior to UrbanClap, hiring a plumber, beautician, yoga trainer, math tutor etc. was a painful process. There were no standards, no concept of trust, pricing inefficiencies etc. In a nutshell, the industry was shackled in the “yellow pages” era, and had seen no fundamental innovation for far too long.
The UrbanClap team is young and passionate, and we see a massive disruption opportunity in his industry. By leveraging technology, and a set of simple yet powerful processes, we wish to build a platform that can organize the world of services - and bring them to your finger-tips.We believe there is immense value (akin to serendipity) in bringing together customers and professionals looking for each other. In the process, we hope to impact the lives of millions of service entrepreneurs, and transform service commerce they way Amazon transformed product commerce.
Job Description
1. Lead the IT Network Security function at Urban Company and serve as the subject matter expert to manage the overall IT security infrastructure. The candidate will report directly to the Head of Workplace Infrastructure.
2. Maintaining firewalls, virtual private networks, web protocols, and email security
3. Develop the Incident management protocols to troubleshoot and repair network-related problems, system failures, switching/routing, etc.
4. Ensure the infrastructure is properly monitored within set thresholds and that alerts regarding network outages are addressed in a timely manner
5. Identify/diagnose network configuration and/or performance irregularities.
6. Determining latest technologies and processes that improve the overall security infrastructure.
7. Manage vendors and critical system AMCs
Job requirements:
1. Strong hands on experience on Network Hardware like Cisco Meraki, Juniper switches, Sophos XG firewall and other firewalls
2. Good understanding and knowledge of Network and Security
3. Knowledge of network monitoring tools
4. Strong practical knowledge of network concepts including DNS, DHCP, VPN, NAT, ACL, Access Groups, IPsec, AAA network protocols, port configuration, link aggregation, spanning tree optimization, traffic Shaping, and performance tuning.
5. Basic knowledge in Linux Unix command line, window’s batch scripts
6. Decode the error /alarm status, understand the failed unit / device and provide hands and feet support in resolution through strong hardware and networking troubleshooting techniques
7. Maintain an updated document for LAN and WAN network diagrams with relevant details
8. Monitor Routers & Interface statistics for up / down status along with router CPU Utilization & log monitoring, study CPU usage, memory usage, fine-tuning, availability, throughput, and latency) and test for weaknesses and recommend upgrade
9. Provide comprehensive and up-to-date documentation and inventories of Network assets, Services procedures, and configurations to ensure that maintenance and continuity of the Service is achievable in a timely manner
10.Define Security Concept deployment, Security Policies for Urban Company
