Job Description

ROLES & RESPONSIBILITIES . Experience in ISO 27001: 2022 (ISMS) Implementation and internal auditing . Review and Analyze ISO 27001: 2013 related controls . Conduct Risk Assessment for Internal Functions and departments . Understanding and communicating identified risks and associating them with ISMS controls . Ensure Compliance to the Business Agreements, Policies, Procedures & Regulations along with the ability to map Controls and Compliance Requirements . Support Remediation Efforts with Business . Maintain Metrics and Report them . Ensure alignment of Security Policies/ Standards with IT Infrastructure Frameworks . Prioritize and Organizes own work to meet deadlines . Executes Compliance Programs in support of the Conformance to Stated Policies . Conducting Regular ISMS Audits based on Business Requirements, Customer Requirements and Organization Standards and Parameters for the process . Conducting ISMS Awareness Session for employees . Knowledge in Application Security Assessment using OWASP methodologies . Knowledge of Compliances such as ISO 22301, PCI DSS, HIPPA, GDPR, SOC 2 etc. would be an added advantage. Candidate Desired Profile . The applicant should be able to support Information Security Policies, standards and procedures to secure and protect data residing on systems . Work Directly with User departments to implement procedures and systems for the protection, conservation and accountability of proprietary, personal or privileged electronic data . Should be a certified ISO 27001 2013 Lead Auditor or Lead Implementer. . Should have a minimum of 2-3 years of experience in Information Security domain.

foundit