Principal Infosec & Compliance
Job Posting Start Date: 9 Dec 2024
Location: Gurgaon, HR, IN
Company: InterGlobe Aviation Ltd
IndiGo is India’s largest and most preferred passenger airline and amongst the fastest growing airlines in the world.
We have a simple philosophy: offer fares that are affordable, flights that are on time, and provide a courteous and hassle-free travel experience across our unparalleled network. We show that low cost does not mean low quality. With our fleet of over 320 aircraft, we operate well over 2000+ daily flights, connecting over 118 destinations (of which 32 international), welcoming 100 million customers on board last year. We have an industry leading on-time performance and one of the highest customer NPS in the Indian market. At IndiGo, we will continue to extend our scope, by spreading our wings internationally, developing from a domestic carrier to a global aviation giant.
Job Description
Job Summary
As a Principal - InfoSec and Compliance, you will play a vital role in maintaining and improving our information security and data privacy governance, risk, and compliance framework. You will work closely with various teams to ensure compliance with industry standards, particularly ISO 27001, data privacy, and assess the risks associated with our IT systems and processes.
Roles & Responsibilities
1. Compliance Management:
- Assist in the development and maintenance of information security and data privacy policies, procedures, and standards.
- Conduct regular compliance assessments, internal audits to ensure adherence to data privacy, ISO 27001 and other relevant regulations.
- Monitor and report on privacy and security compliance gaps, and work with teams to implement corrective actions.
2. Risk Assessment:
- Conduct risk assessments to identify potential privacy and security threats.
- Collaborate with IT and business units to develop and implement risk mitigation strategies.
- Continuously update and maintain the risk register.
3. Documentation and Reporting:
- Prepare comprehensive reports on the status of compliance and risk management activities.
- Maintain an accurate inventory of data privacy and information security policies and documentation.
- Provide clear and concise documentation of findings, assessments, and action plans.
4. Training and Awareness:
- Assist in educating employees and stakeholders on data privacy best practices and the importance of compliance.
- Stay up-to-date with industry trends, best practices, and emerging threats, and share this knowledge within the organization.
Qualifications:
- Bachelor's degree.
- 15-18 years of experience in InfoSec role with a strong understanding of ISO 27001 and GDPR.
- Familiarity with other cybersecurity standards and data privacy regulations (e.g., NIST, DPDPA) is a plus.
- Strong analytical skills and the ability to assess and mitigate security risks.
- Excellent communication and documentation skills.
At IndiGo, we believe in the innate strength of an energetic, diverse, and inclusive workforce, where the viewpoints and life experiences of our employees help us foster strong connection with all our customers. Our diversity equity and inclusion efforts are designed to attract, nurture, and advance the lives of our employees and customers irrespective of their, but not limited to, gender, race, color, religion, caste, creed, ethnicity, origin, language, social and economic status, sexual orientation, persons with disabilities, nationality, age, marital and maternity status.
IndiGo does not charge fees for Job Interviews, Registration, Verification or Offer Letters. All Official communication will be from verified IndiGo IDs (e.g., xxx@goindigo.in). Please report any fake job offer to eco.goindigo.in