Job Description

Job D

escription

Ensure that processes needed for the Information Security Management System (ISMS) are implemented and maintained. Plan, schedule and conduct internal audits on regular basis. Prepare and publish dashboards/reports pertaining to ISMS Standard requirements. Prepare / review presentation and minutes for management review meetings. Ensure closure of action items discussed during the MRM. Review the Client document like MSA, Sow and to ensure the policy and procedures in place as per the client requirements. Review of Data Processing Agreement and evaluating the Technical organizational measures Analyse process and product non-conformances, customer feedback and complaints; Review CAPA plan for internal and external audit findings and organize for closure. Plan trainings for coordinators on improvement areas pertaining to RCA and CAPA. Follow-up and positively influence on addressing non-conformances and corrective actions. Conduct assessments to define and analyse possible risks Develop risk management controls and systems Design processes to eliminate or mitigate potential risks Drive BCP initiatives and handling supporting tasks Manage centralized documentation for ISMS Perform evaluation of internal controls, testing of processes Timely issuance of the audit reports, follow-up recommendations issued timely and escalate when needed. Write formal & clear reports to communicate audit results to management. Provide inputs to the Leadership Council on audits, findings and observations, analyse the trend on Audit findings and observations. Ensuring post-review of priority 1 incidents & Chairing the incident and problem review meetings Notifying the participants in the Incident Management process when standards and procedures are not being followed Responding to the Incident Analysts regarding escalation issues in a timely and appropriate fashion Carries out the Process Manager responsibilities for the Incident Management process Manage contracts and relationships to maximize value creation and costs for software licensing, maintenance, and service offerings. Respond to requests from end users, managers and Directors for specific IT Software Asset Management data information and ensuring compliance is achieved Performing Audit on SAM process and updating the Management team on the risk IT Infra Risks review Coordination with stakeholders Audit coordination follow-ups and issue closures with stakeholders Physical Access review - Command Centre Tech Rooms Infra Risk Dashboard - Data collation Preparation Distribution IT Infra Record Management compliance Business Continuity support - Event coordination, Data preparation, Coordination with Managers Stakeholders.

Job Responsibility:

8- 12 years of experience in Risk and Compliance Certified Lead Auditor in ISO 27001:2013 Experience in ISMS Process Implementation and Auditing. Identifying and analysing various risks Developing risk management controls and contingency plans Prepare reports and present recommendations Help implement solutions and plans Knowledge in Risk Assessment, Incident Management - CAPA, Change Management, Objectives Management, PCI-DSS, HIPAA, GDPR Knowledge in Vulnerability Assessment and Penetration testing Exposure in External ISMS audits. Proficient in MS Excel.

Skills:

Risk and Compliance Management Auditing Organizational Skills Communication Skills Business Knowledge

Job Snapshot

Updated Date
24-06-2025
Job ID
J_3564
Location
Chennai, Tamil Nadu, India
Experience
8 - 12 Years
Employee Type
Permanent