Job Description

ou are an experienced and dynamic information security risk management leader able to support and manage the day-to-day operations of Cvent's regional Security Risk and Compliance team based in Gurgaon, India. In this role, you will be responsible for leading people and processes focused on internal technology and third-party security risk management as well as leading audit and compliance activities with numerous security standards and frameworks. In This Role, You Will: Team Leadership and Management Lead the regional Security Risk & Compliance team with an emphasis on developing sustainable, scalable programs and processes, efficiently and effectively allocating resources and responsibilities, coaching and developing staff, and driving results through overall performance management In consultation and partnership with global Information Security leadership, plan, design, and execute regional programs, projects, and processes related to the Security Risk & Compliance function, ensuring alignment and effectiveness with local and global business, technology, and security goals Serve as primary regional leadership representative for the Security Risk & Compliance function, engaging regularly with regional leadership stakeholders to align business and technology practices with company security strategy, policies and standards Actively promote and drive secure and compliant technology risk management practices and support achievement of strategic security objectives and key results Foster a high-performing team culture of ownership, collaboration, and continuous learning and improvement Security Risk Management & Compliance Collaborate with global Information Security leadership and functional peers to develop, maintain, communicate, and implement information security policies, standards, and procedures Lead and manage regional security risk assessments of internal technology projects as well as third-party solutions and vendors; collaborate with regional leadership and relevant stakeholders to prioritize, plan, resource, and implement risk treatment plans Lead regional certification audit activities scoped to a variety of security standards and regulatory frameworks relevant to Cvent's global SaaS operations, including but not limited to ISO 27001, ISO 27701, SOC 2, and PCI-DSS Support global information security metrics reporting and governance processes, including developing processes, tools, and reports that transform data into insights and information to drive achievement of security risk management objectives and key results Innovation and Continuous Improvement: Stay abreast of emerging security risks, compliance frameworks and regulatory requirements threats, technologies, compliance frameworks, and best practices, particularly those relevant to the global SaaS industry Foster and promote development of innovative security processes and solutions to enhance Cvent's security and compliance posture Continuously assess and improve the effectiveness of the Cvent India R&C Security team as well as the respective security programs, initiatives, and day-to-day activities Here's What You Need: Education: Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or related field; Master's degree preferred Relevant industry certifications, such as CISSP, CISA, CISM, or CRISC Experience: 10+ years of experience in information security, with at least 6 years in an information security leadership role Demonstrable experience with various information security domains including, but not limited to, information security auditing and compliance, information security risk management, third-party technology risk management, technology vulnerability management, and cloud security Proven track record of implementing security risk management standards, frameworks, and methodologies, including regulatory security requirements related to global data privacy and protection laws relevant to cloud service providers Strong technical knowledge of cybersecurity and technology risk management principles, best practices, and solutions Soft Skills: Exceptional leadership and management abilities; proven ability to effectively allocate and delegate responsibility for, oversee, and drive successful execution of programs, projects, and tasks Strong, persuasive communications skills; ability to coach and develop staff, influence stakeholders, and drive positive change across an organization at all levels Excellent stakeholder management and negotiation skills; ability to effectively articulate complex cybersecurity risk management and compliance concepts to both technical and non-technical audiences to build consensus and achieve cross-functional alignment on security risk management and compliance as well as security assurance priorities Strong business acumen with the ability to align security initiatives with business objectives Ability to navigate and adapt to ambiguity as well as be personally resilient in a fast-paced, dynamic, multi-national company