Security Compliance Engineer (all genders)

6 Months ago • All levels • Cyber Security

Job Summary

Job Description

Seeking a Security Compliance Engineer to secure our enterprise application landscape, including modern cloud architecture, using state-of-the-art security tools. Strong experience in ISO27001/2, PCI-DSS, and risk assessments is essential.
Must have:
  • ISO27001 Compliance
  • PCI-DSS Standards
  • Risk Assessments
  • Security Policies
Good to have:
  • CISSP Certification
  • Cloud Security
  • Security Audits
  • NIST Framework
Perks:
  • Global Network
  • Hybrid Work

Job Details

About the job

Hrs As a Company

HRS, a pioneer in business travel, aims to elevate every stay through innovative technology. With over 50 years of experience, their digital platform, driven by ProcureTech, TravelTech, and FinTech, transforms how companies and travelers Stay, Work, and Pay.

ProcureTech digitally revolutionizes lodging procurement, connecting corporations and suppliers in a cutting-edge ecosystem. This enables seamless efficiency and automation, surpassing travelers' expectations.

TravelTech redefines the online lodging experience, offering personalized content from selection to check-in, ensuring an unparalleled journey for corporate travelers.

In FinTech, HRS introduces advancements like mobile banking and digital payments, turning corporate back offices into touchless lodging enablers, eliminating legacy cost barriers. The innovative 2-click book-to-pay feature streamlines interactions for travelers and hoteliers.

Combining these technology propositions, HRS unlocks exponential catalyst effects. Their data-driven focus delivers value-added services and high-return network effects, creating substantial customer value.

HRS's exponential growth since 1972 serves over 35% of the global Fortune 500 and leading hotel chains.

Join HRS to shape the future of business travel, empowered by a culture of growth and setting new industry standards worldwide.

BUSINESS UNIT

The Security Department is a critical function within our organization, reporting directly to the CEO and responsible for safeguarding the security of our operations on a global scale. This department is divided into three specialized teams: the Security Operations Team, the Security Compliance Team, and the Fraud Prevention Team.

  • The Security Operations Team focuses on the implementation and management of advanced security technologies, monitoring, and responding to threats in real-time to ensure the protection of our systems, networks, and data.
  • The Security Compliance Team ensures that our security policies, procedures, and practices adhere to industry standards and regulatory requirements, working closely with business departments to maintain and enhance our compliance posture.
  • The Fraud Prevention Team is dedicated to identifying, preventing, and mitigating fraudulent activities across all facets of the organization, ensuring the integrity of our operations and protecting against financial and reputational risks.

Together, these teams collaborate to deliver a comprehensive security strategy that protects our assets and supports our global operations.

POSITION

We are currently seeking a Security Compliance Engineer (all genders) to join our Security Team in Chandigarh /Mohali. Reporting to the CISO, this role is pivotal in securing our enterprise application landscape, including modern cloud architecture, using state-of-the-art security tools. Our strategic goal is to achieve and maintain ISO27001 certification in addition to our TISAX label and PCI-DSS certification, which requires establishing and rolling out an ISMS, supporting business departments in defining their procedures, and ensuring compliance.

CHALLENGE

Compliance Management

  • Design and implement security policies and procedures, especially in the context of industry standards like ISO27001/2 and PCI-DSS.
  • Ensure compliance with applicable laws, regulations, and standards (e.g., GDPR, HIPAA, PCI-DSS, ISO 27001).
  • Monitor and report on compliance status to senior management.
  • Develop and deliver security awareness and training programs for employees.

Risk Assessment and Audits

  • Conduct regular risk assessments to identify potential security threats and vulnerabilities.
  • Perform vulnerability assessments and penetration tests of the platform.
  • Coordinate and support internal and external audits.
  • Conduct internal security assessments and prepare for external compliance audits.

Incident Response and Documentation

  • Assist in the development and implementation of incident response plans.
  • Investigate security incidents and breaches, and implement corrective measures.
  • Maintain comprehensive documentation of compliance efforts, including policies, procedures, and audit results.
  • Write comprehensive reports including assessment-based findings, outcomes, and propositions for further system security enhancement.

Security Engineering and Implementation

  • Engineer, implement, and monitor security measures for the protection of computer systems, networks, and information.
  • Identify and define system security requirements.
  • Design computer security architecture and develop detailed cyber security designs.
  • Prepare and document standard operating procedures and protocols.

Technical Solutions Development

  • Develop technical solutions and new security tools to help mitigate security vulnerabilities and automate repeatable tasks.
  • Ensure that security controls are effective and aligned with compliance requirements.
  • Monitor and audit security controls regularly to ensure ongoing effectiveness.

FOR THIS EXCITING MISSION YOU ARE EQUIPPED WITH...

  • Bachelor's degree from an accredited technical college or university or equivalent combination of education and experience.
  • Fluency in English, both spoken and written, is essential.

Compliance and Policy Management

  • Extensive experience in establishing, implementing, and maintaining an Information Security Management System (ISMS), particularly in alignment with ISO27001 standards.
  • Demonstrated ability to write, develop, and maintain comprehensive security policies and procedures.
  • Experience in defining and implementing security procedures in close collaboration with business departments to ensure alignment with organizational goals and compliance requirements.
  • Solid understanding of relevant standards and regulations such as GDPR, ISO27001, TISAX, SOC2/3 and PCI-DSS.
  • Experience in conducting risk assessments and managing security compliance efforts within an enterprise environment.

Technical Skills

  • Proven work experience as a System Security Engineer, Information Security Engineer, or similar role.
  • Detailed technical knowledge of database, operating system, and cloud security, with hands-on experience in security systems, including firewalls, intrusion detection systems, anti-virus software, authentication systems, log management, and content filtering.
  • Strong familiarity with network security and networking technologies, including experience with system, security, and network monitoring tools.
  • Thorough understanding of the latest security principles, techniques, and protocols.

Preferred Qualifications

  • Professional certifications such as CISSP, CISA, CISM, or equivalent.
  • Experience in conducting security audits and assessments.
  • Knowledge of cloud security and compliance frameworks (e.g., AWS, Azure).
  • Familiarity with security frameworks (e.g., NIST, COBIT).
  • Experience with risk management and security assessment methodologies.

Soft Skills

  • Strong organizational and project management skills.
  • Ability to work independently and as part of a team.
  • Attention to detail and a commitment to excellence.
  • Ability to stay current with the latest industry trends and technologies.

PERSPECTIVE

Access to a global network of a globally united and mutually responsible “Tribe of Intrapreneurs” that is passionately dedicated to renew the travel industry and while doing so reinvent the ways how businesses stay, work and pay.

Our entrepreneurial driven environment of full ownership and execution focus offers you the playground to contribute to a greater mission, while growing personally and professionally throughout this unique journey. You will continuously learn from a radical culture of retrospectives and continuous improvement and actively contribute to making business life better, smarter and more sustainable.

LOCATION, MOBILITY, INCENTIVE

The attractive remuneration is in line with the market and, in addition to a fixed monthly salary, all necessary work equipment and mobility, will also include an annual or multi-year bonus.

Similar Jobs

Axinous - Account Executive - Public Sector FSI

Axinous

Virginia, United States (Remote)
1 Month ago
Barracuda Networks  Inc  - Senior Software Development Engineer in Test (Sr. SDET)

Barracuda Networks Inc

Bengaluru, Karnataka, India (On-Site)
6 Months ago
Sinch - Product Security Engineer

Sinch

India (Remote)
2 Months ago
Axinous - Account Executive, Majors

Axinous

Texas, United States (Remote)
1 Month ago
Microsoft - Software Engineer - CTJ - Poly

Microsoft

(On-Site)
4 Months ago
Spin Master - Cyber Security Analyst

Spin Master

Kowloon, Hong Kong (On-Site)
1 Month ago
ION - Cyber Product Owner, Italy

ION

Italy (Hybrid)
6 Months ago
Egnyte - Sr. Customer Success Manager, S&G Specialist

Egnyte

India (Remote)
3 Months ago
Ubisoft - Resilience and Safety Specialist

Ubisoft

Montreal, Quebec, Canada (Hybrid)
2 Months ago
PwC - ETIC, Cybersecurity Risk Technology Associate

PwC

Cairo, Cairo Governorate, Egypt (On-Site)
6 Months ago

Get notifed when new similar jobs are uploaded

Similar Skill Jobs

Sensia Global - Cloud Engineer, Sensia

Sensia Global

Kolkata, West Bengal, India (On-Site)
5 Months ago
Axinous - Account Executive - Risk Management (Avalor)

Axinous

Illinois, United States (Remote)
4 Months ago
Axinous - Commercial Sales Engineer

Axinous

Colorado, United States (Remote)
1 Month ago
Hike - Security Software Development Engineer

Hike

Delhi, India (Remote)
1 Month ago
Axinous - Senior Manager - International Tax

Axinous

Hyderabad, Telangana, India (Remote)
2 Months ago
Extreme Network - Staff Cloud Operations Engineer-Cloud Operations team

Extreme Network

Hangzhou, Zhejiang, China (Hybrid)
6 Months ago
Axinous - Account Executive, Commercial - San Jose

Axinous

California, United States (Remote)
1 Month ago
Axinous - Hardware Compliance - Sr. Staff Program Manager

Axinous

San Jose, California, United States (Remote)
3 Months ago
Warner Bros Discovery - Senior Director, Global News and Journalism Business Information Security Office

Warner Bros Discovery

Washington, District Of Columbia, United States (Hybrid)
5 Months ago
ION - Senior DevSecOps Engineer, Italy

ION

London, England, United Kingdom (On-Site)
6 Months ago

Get notifed when new similar jobs are uploaded

Jobs in Sahibzada Ajit Singh Nagar, Punjab, India

Wind River Systems - Member of Technical Staff

Wind River Systems

Bengaluru, Karnataka, India (On-Site)
6 Months ago
Schbang - Business Growth Manager

Schbang

Mumbai, Maharashtra, India (On-Site)
2 Months ago
Geeksynergy Technologies   - 3D Artist (Architectural Modeling and Animation)

Geeksynergy Technologies

Karnataka, India (On-Site)
7 Months ago
Trek - Network Engineer

Trek

Haryana, India (On-Site)
2 Months ago
Rackspace Technology - Support Engineer I - IN (AWS and Linux/Windows)

Rackspace Technology

Gurugram, Haryana, India (Hybrid)
1 Month ago
Trek - IT Procurement Analyst - Level I

Trek

Haryana, India (On-Site)
2 Months ago
Velotio Technologies - Software Engineer (React.js)

Velotio Technologies

Maharashtra, India (Remote)
2 Months ago
Glean - Marketing Operations Manager

Glean

Bengaluru, Karnataka, India (On-Site)
5 Months ago
Gyaan - Senior Backend Engineer (Python)

Gyaan

Pune, Maharashtra, India (On-Site)
6 Months ago
DNEG - Head of Taxation

DNEG

Mumbai, Maharashtra, India (On-Site)
8 Months ago

Get notifed when new similar jobs are uploaded

Cyber Security Jobs

Axinous - Transformation Architect - South East

Axinous

Florida, United States (Remote)
1 Month ago
Snowprint Studios - IT & Cybersecurity Lead/Manager

Snowprint Studios

Stockholm, Stockholm County, Sweden (On-Site)
2 Months ago
OpenText - Software Security Research

OpenText

Bengaluru, Karnataka, India (On-Site)
7 Months ago
Spin Master - Cyber Security Analyst

Spin Master

Kowloon, Hong Kong (On-Site)
1 Month ago
ByteDance - Product Solutions Architect - Enterprise Security

ByteDance

Singapore (On-Site)
5 Months ago
Salesforce - Staff Software Engineer, Product Security

Salesforce

Colorado, United States (Remote)
3 Months ago
ION - Network Security Engineer

ION

Castellazzo Bormida, Piedmont, Italy (Hybrid)
6 Months ago
Electronic Arts - Senior Specialist Global Security Contracts

Electronic Arts

Bucharest, Bucharest, Romania (Hybrid)
2 Months ago
PwC - Cyber Security Associate

PwC

Bangkok, Bangkok, Thailand (On-Site)
6 Months ago
The Walt Disney Company - Staff Security Specialist, Information Security

The Walt Disney Company

Orlando, Florida, United States (On-Site)
2 Months ago

Get notifed when new similar jobs are uploaded