Senior Manager, Information Security in Bengaluru, Karnātaka at Saviynt

Saviynt's AI-powered identity platform manages and governs human and non-human access to all of an organization's applications, data, and business processes. Customers trust Saviynt to safeguard their digital assets, drive operational efficiency, and reduce compliance costs. Built for the AI age, Saviynt is today helping organizations safely accelerate their deployment and usage of AI. Saviynt is recognized as the leader in identity security, with solutions that protect and empower the worlds leading brands, Fortune 500 companies and government institutions. For more information, please visit www.saviynt.com.

Design, deploy, and continuously improve enterprise DLP solutions across endpoints, email, cloud environments, and enterprise SaaS applications. Own tooling, policy tuning, incident response workflows, and effectiveness reporting to senior leadership
Develop and enforce data classification policies, data handling standards, and acceptable use guidelines for generative AI and third-party services, aligned with regulatory requirements (GDPR, SOC 2, ISO 27001, ISO 42001)
Conduct data flow mapping, risk assessments, and third-party data handling reviews to identify how Saviynt's internal and customer data is collected, processed, stored, and transmitted and ensure remediation of exposure gaps across the data lifecycle
Own the DSPM program to continuously discover, classify, and monitor sensitive data across cloud environments and AI and SaaS applications. Drive remediation of misconfigurations, shadow data, unprotected storage, and over-privileged access
Integrate DSPM insights with broader security operations to maintain a unified data risk posture, and define data access policies in partnership with IAM/IGA teams to enforce least-privilege principles
Provide cloud security architecture guidance across multi-cloud environments (AWS,Azure, GCP) covering IaaS, PaaS, and SaaS; conduct security assessments of externally consumed SaaS applications, AI applications and internally deployed workloads to evaluate architectural risks and data security control gaps
Define and drive the enterprise AI Security and Governance strategy, establishing policies, risk frameworks, and controls for the secure and responsible adoption of AIte chnologies and platforms including generative AI, LLM-based applications, and third-party AI based SaaS services.

Conduct AI security assessments evaluating risks while ensuring alignment with emerging frameworks and regulations (OWASP LLM Top 10, NIST AI RMF, EU AI Act, ISO 42001).
Define and track KPIs for Data Security, Cloud Security and AI Security initiatives and report on overall data security posture, risk trends, and program progress to senior leadership and key stakeholders

- Complete security & privacy literacy and awareness training during onboarding and annually thereafter

- Review (initially and annually thereafter), understand, and adhere to Information Security/Privacy Policies and Procedures such as (but not limited to):

> Data Classification, Retention & Handling Policy

> Incident Response Policy/Procedures

> Business Continuity/Disaster Recovery Policy/Procedures

> Mobile Device Policy

> Account Management Policy

> Access Control Policy

> Personnel Security Policy

> Privacy Policy

Saviynt is an amazing place to work. We are a high-growth, Platform as a Service company focused on Identity Authority to power and protect the world at work. You will experience tremendous growth and learning opportunities through challenging yet rewarding work which directly impacts our customers, all within a welcoming and positive work environment. If you're resilient and enjoy working in a dynamic environment you belong with us!