full-width-banner full-width-banner full-width-banner

Explore a world of opportunities

Join one of the world’s leading brand franchise operators

Read more
full-width-banner full-width-banner full-width-banner

Great people, great brands, great future

Start your journey with us

Find vacancies
Explore all opportunities

Work type

Locations

India

Categories

Your Experience Level

Our application process

At Alshaya, we make thousands of job offers every year, and we look forward to welcoming successful candidates to our growing business.

Here are some important facts you need to know about our processes, so you can be sure that your job offer is genuine.

  • We never ask candidates to pay fees or send us money.
  • We never ask candidates to give personal information such as date of birth, address, passport details, bank details, etc.
  • You always deal directly with us and all communication will come from an official ‘@alshaya.com’ email address, or through an affiliated Alshaya agency. To check if you’re dealing with an affiliate, you can email us at alshayajobs@alshaya.com

Receiving a job offer

If your job offer seems too good to be true, it probably is. There are three key things to remember if you suspect an offer is not genuine:

  • Do not contact the original sender
  • Do not provide any personal information
  • Do not make any payment

If you have concerns and wish to confirm a job offer is genuine, email us at alshayajobs@alshaya.com. Please include a photo or screenshot of the message you have received (please do not forward the original).

Note: Please do not send your CV to the email address listed above as it will not be considered as an application for work.

Click here to know more about our Job Offer process.


Information Security Officer - IT - India

Apply now Job no: IND2024-IT163
Location: India
India Head Office

IT

Alshaya IT is a diverse organisation supporting corporate, warehouse and retail specific IT infrastructure and systems. We have software teams creating and developing in-house applications and product teams optimising and integrating major third party solutions.  The rate of growth across divisions and geographies means we are constantly evaluating how we provide robust, scalable and business enabling infrastructure and systems in line with global benchmark standards. 

Job Summary:

The Alshaya group IS Security Governance, Risk, and Compliance (GRC) Officer develop and maintain information security policies and workforce training and awareness. 

The GRC officer serves as a critical resource for staff and leaders regarding information security policy implementation, interpretation, and compliance. 

The GRC officer assesses and prioritizes information security and cybersecurity risk across the organization, facilitates compliance with regulatory requirements and information security policies, and develops and reports on information security metrics.

The GRC Analyst is responsible for reducing information security and cybersecurity risk to UW Health by helping to prioritize and drive remediation efforts throughout the organization through the following:

• Establishing and maintaining governance and compliance standards.

• Conducting risk assessments to identify vulnerabilities internally and within vendor or third-party supplier products.

• Creating, maintaining, communicating, and enforcing information security policies.

• Advising senior leadership on risk management strategies, including risk mitigation, risk reduction, risk transfer, the risk exception process and residual risk analysis 

 

MAJOR RESPONSIBILITIES 

Governance and Compliance:

• Develops and implements a data security risk reporting framework, aligned with ISO, for management teams and governance committees.

• Designs and documents technical, administrative, and physical controls to ensure the business demonstrates compliance, ensuring that Alshaya meets both the requirements and intent of its regulatory and compliance obligations.

• Facilitates the remediation of control gaps and escalates critical issues to leadership.

• Manages an exception review and approval process, and assures exceptions are documented and periodically reviewed.

• Prepares for and facilitates examinations by qualified security assessors for regulations such as PCI DSS. Works closely with control owners and internal and external auditors to ensure requests are completed timely.

• Assists with the evaluation of the effectiveness of the information security program by developing, monitoring, gathering, and analysing information security and compliance metrics for management. 

 

Information Security Risk Assessment:

• Identifies, analyses, evaluates, and documents information security risks and controls based on established risk criteria.

• Conducts security risk assessments of planned and installed information systems to identify vulnerabilities and risks.

• Recommends controls to mitigate security risks identified via risk assessment process.

• Communicates risk findings and recommendations that are clear and actionable by business stakeholders. 

 

Security Policy Management and Workforce Training and Awareness:

• Supports workforce security activities including culture, awareness, and training.

• Facilitates eDiscovery and collection of data to support investigations of possible security or policy violations. Analyses information security incidents in collaboration with other stakeholders. Coordinates remediation and awareness training.

• Researches, recommends, and contributes to information security polices, standards, and procedures. Assists with the lifecycle management of information security policies and supporting documents.

• Works with other organizational participants to implement information security

 

About Us:

Alshaya Group is a dynamic family-owned enterprise which was first established in Kuwait in 1890. With a consistent record of growth and innovation, Alshaya Group is one of the world’s leading brand franchise operators, offering customers an unparalleled choice of well-loved international brands, including: Starbucks, H&M, Mothercare, Debenhams, Cos, American Eagle Outfitters, P.F. Chang’s, The Cheesecake Factory, The Body Shop, M.A.C, Victoria’s Secret, Boots, Vavavoom, Pottery Barn and KidZania.

Alshaya Group’s portfolio extends across MENA, Russia, Turkey, and Europe, with thousands of stores, cafes, restaurants and leisure destinations, as well as a growing online and digital business.

Operating in multiple sectors including Fashion, Food, Health & Beauty, Pharmacy, Home Furnishings and Leisure & Entertainment, Alshaya Group colleagues are united by a commitment to delivering great customer service and brand experiences.

Fresh, modern, and relevant, Alshaya’s constantly evolving retail portfolio reflects the choices and lifestyle of its customers. From flagship stores and restaurants in prestige malls, to local coffee shops, drive-thrus and online, Alshaya Group brings customers the brands they love in the places they want to be.

Advertised: India Standard Time
Application close: India Standard Time

Back to search results Apply now Refer a friend