Home
Job Title: Information Security Officer
Location: Pune

Who We are: 
Acuiti Labs is a specialist Global SAP consulting firm headquartered in London, UK, servicing clients globally for ‘Consume to Cash’ process transformation and optimization. 
We solve business challenges and problems using the most appropriate solution architecture, technology which fits into the client’s requirements and provides optimum functionalities, build tech platforms, and enable market-winning digital strategies. Our core expertise and experience are in technology R&D, digital and business strategy. We deploy efficient and effective talent solutions to enable innovation and build software products and solutions in a robust and economic manner. We also have innovative business engagement models to suit the needs of each client. For more information, please visit our website.https://www.acuitilabs.com/ 
  • Most Innovative Companies in The UK – 2024 
  • Great Place to Work Certified – 2022, 2023, 2024 & 2025 
What we believe in: 
We take pride in having a diverse and talented workforce spread across various geographical locations. We are a gender-neutral organization and we strongly believe in Diversity and Inclusion. Our core values include – 
  • Excellence 
  • Integrity 
  • Learning 
  • Organizational pride 
  • Respect 
What We Do: 
Innovation is at the heart of everything that Acuiti Labs offer. As an SAP Silver Partner, and an SAP BRIM company, Acuiti Labs has been delivering business technology solutions & digital transformation deploying SAP BRIM (Billing) on S/4HANA and cloud-based applications such as Subscription Billing, CPQ & Entitlement Management. 
Acuiti Labs come with the experience of multiple industry use cases to support the subscription and consumption-based Target Operating Models. This includes Mobility-as-a-Service (Travel using Public Transport and Private Vehicles), Tourism-as-a-Service (Hotels, Entertainment Parks), Ports-as-a-Service (Airports and Seaports), Postal-as-a-Service, Telco-as-a -service, and Software-as-a-Service. “Our core expertise and experience lie in providing reliable technology, enabling digital transformation for an intelligent enterprise, and offering business strategy consulting, and deploying innovative and efficient solutions. 
  
What we offer you: 
We are proud to be an organization that firmly believes in having a company culture that is friendly, motivating, nurturing, and challenging at the same time. we enthusiastically promote new policies and practices that ensures wellbeing of our employees.   
We offer comprehensive benefits including life insurance, group medical coverage for you and your family, and personal accident protection. Enjoy a supportive work-life balance with flexible hours, paid time off, and various lifestyle perks. Be recognized with monthly rewards, spot bonuses, and growth shares, while advancing your career with training, global exposure, and onsite opportunities. We're committed to your development, diversity, and well-being.  
 
Role Overview
The Information Security Officer (ISO) will be responsible for establishing, implementing, monitoring, and improving Acuiti Labs’ Information Security Management System (ISMS) and Data Protection framework in alignment with ISO/IEC 27001:2013ISO/IEC 27001:2022, and ISO/IEC 27701:2019 standards.
This role combines strategic planning, risk management, compliance oversight, and hands-on execution to ensure robust protection of Acuiti Labs’ information assets and adherence to regulatory and client requirements.
 
Key Responsibilities
1. Planning
  • Define information security goals and objectives aligned with Acuiti Labs’ business strategy.
  • Establish the scope and boundaries of the organization’s ISMS.
  • Develop and maintain information security policies, standards, and guidelines.
  • Create classification policies for information assets and ensure appropriate handling procedures.
  • Plan and implement ISMS in compliance with ISO/IEC 27001 standards.
  • Develop risk management and security implementation frameworks with measurable KPIs.
  • Define and maintain a process for continuous review and improvement of security policies and procedures.
 
2. Information Security Management
  • Maintain and improve the organization-wide Information Security and Risk Management Plan.
  • Ensure integration of security principles into all business and IT processes.
  • Conduct regular risk assessments, vulnerability analyses, and impact assessments.
  • Define and implement risk treatment and residual risk evaluation measures.
  • Oversee incident response, including documentation, analysis, and remediation of security breaches.
  • Monitor compliance with legal, regulatory, and contractual requirements.
  • Lead organization-wide security awareness and training programs and measure their effectiveness.
  • Drive Business Continuity and Disaster Recovery Planning (BCP/DR) initiatives, including periodic drills and updates.
  • Manage change control processes for ISMS and IT infrastructure updates.
  • Ensure vendor and contractor compliance with organizational security standards.
 
3. Data Protection Officer Responsibilities
  • Serve as the primary point of contact for data privacy and protection matters.
  • Ensure compliance with ISO/IEC 27701:2019GDPR, and other relevant data protection laws.
  • Maintain detailed records of all data processing activities.
  • Conduct periodic data protection impact assessments (DPIAs).
  • Respond to data subject requests and coordinate with supervisory authorities as needed.
  • Monitor changes in privacy laws and update internal practices accordingly.
 
4. Information Security Auditing
  • Conduct internal ISMS audits at least annually or after significant infrastructure changes.
  • Evaluate compliance with legal, regulatory, and organizational information security requirements.
  • Prepare and present audit reports with actionable recommendations to senior management.
  • Lead remediation efforts and ensure timely closure of audit findings.
 
Qualifications
  • Bachelor’s or Master’s degree in Information Technology, Computer Science, or related field.
  • MBA or equivalent management qualification preferred.
  • Relevant certifications such as CISSP, CISM, CISA, or CRISC are highly desirable.
  • 5–10 years of progressive experience in Information Security, Risk Management, or IT Governance, ideally within the IT or SAP consulting industry.
  • Proven experience implementing or maintaining ISO/IEC 27001 and ISO/IEC 27701 standards.
  • Strong understanding of IT audit principlescybersecurity frameworks, and risk assessment methodologies.
 
Desired Skills and Competencies
  • In-depth understanding of infrastructure securitycloud platforms (AWS, Azure)network security, and identity management.
  • Experience with Microsoft technologies (Windows Server, Active Directory, M365) and ServiceNow.
  • Strong knowledge of SAP ecosystem security considerations preferred.
  • Exceptional communication, leadership, and stakeholder management skills.
  • Ability to work independently, manage multiple priorities, and drive cross-functional collaboration.
  • Strong ethical standards, analytical mindset, and commitment to continuous improvement.
  • Awareness of global data privacy regulations and cybersecurity trends.
 

View all job openings