Lead Information Security Engineer -GRC

About Us

InMobi is the leading provider of content, monetization, and marketing technologies that fuel growth for industries around the world. Our end-to-end advertising software platform, connected content, and commerce experiences activate audiences, drive real connections, and diversify revenue for businesses everywhere.

InMobi Advertising is an end-to-end advertising platform that helps advertisers drive real connections with consumers. We drive customer growth by helping businesses understand, engage, and acquire consumers effectively through data-driven media solutions. Learn more at advertising.inmobi.com .

Glance is a consumer technology company that operates disruptive digital platforms, including Glance, Roposo, and Nostra. Glance’s smart lockscreen and TV experience inspires consumers to make the most of every moment by surfing relevant content without the need for searching and downloading apps. Glance is currently available on over 450 million smartphones and televisions worldwide. Learn more at glance.com .

Born in India, InMobi maintains a large presence in Bangalore and San Mateo, CA, and has operations in New York, Singapore, Delhi, Mumbai, Beijing, Shanghai, Jakarta, Manila, Kuala Lumpur, Sydney, Melbourne, Seoul, Tokyo, London, and Dubai. To learn more, visit inmobi.com .

Why Join Us?

You will contribute to creating disruptive and innovative consumer experiences using technology. We value autonomy, collaboration, technical innovation, and results-oriented thinking. InMobi’s culture is all about rewarding excellence so there are fantastic opportunities for the right candidates

What does the team do?

Opportunity is part of the evolving cyber security group which is laser-focused on setting up industry benchmarks in managing & guarding against digital risks in a “Cloud Native- DevOps Only” environment. It is a lean-mean-special action group where every cyber sentinel gets an opportunity to work across domains, has the independence to challenge the status quo & evolve cyber practices to the next level of maturity. Our core competencies revolve around “Product & Platform security”, “Cloud Native Risk Management” and “Detection & Response”.

What you will be doing?

Own the technology risk management practice and concentrate efforts on continuous improvement in GRC function aligned to global standards like NIST CSF, ISO 27001, ISO 31000, Cloud Security Alliance, etc.

Develop and maintain cyber security policies, procedures, and standards-aligned to global standards.

Perform risk assessments of the in-house products of InMobi and third-party vendor applications to identify current and future security risks.

Evaluate emerging technologies for their adoption to strengthen InMobi’s defenses.

Performs process-level walkthroughs, control testing, etc. for the identification and assessment of IT risks and controls.

Effectively communicate key risks, findings, and recommendations for improvement with key stakeholders.

Maintains risk register and develops IT Risk Management metrics and reports.

Improve compliance with security standards and policies across third parties used in the enterprise.

Monitor open third-party security issues and remediation actions associated with security control gaps to ensure timely closure.

Responsible for conducting deep dives on IT security-related processes and systems.

Executes information security awareness programs by regularly conducting workshops to educate employees about information security and best practices.

What is expected out of you?

3-6 years of experience in cyber security & risk management domain.

Strong understanding of security governance, compliance and risk management principles.

Strong understanding of mitigation methodologies and regulatory requirements pertaining to information security, privacy, and / or data security.

Ability to work independently with little direction and / or supervision.

Superior communication skills with the ability to ask questions, escalate roadblocks early, and interact effectively at multiple levels in the organization.

Keen attention to detail with the ability to correct on the fly and work independently.

Analytical aptitude with an emphasis on investigative, methodical critical questioning and logical thinking; a data-driven decision maker.

Mindset to standardize & maximize automation in security & risk management space.

High business acumen & ability to understand business objectives, technology stack and evolve security as a business enabler capability.

Ability to operate, decide & evolve in ambiguous situations.

Curiosity to learn & adopt emerging technologies.

Holds vendor-neutral cyber security certifications (desirable).