Elytra Security - Implementation Consultant - ISO 27001

Job Title: ISO 27001 Implementation Consultant

Company: Elytra Security

Location: Bengaluru, Karnataka, India

Employment Type: Full-time

Work Arrangement: Hybrid (combination of remote work and on-site presence); travel to client locations as necessary

About Elytra Security:

Elytra Security is a specialized consultancy firm dedicated to helping organizations fortify their information security and achieve compliance with globally recognized standards. With expertise in ISO 27001 implementation and Cyber Security Controls Framework (CSCRF) consulting, we deliver tailored solutions that empower businesses to protect sensitive information, mitigate risks, and demonstrate robust security practices.

Job Summary:

We are seeking a skilled ISO 27001:2022 Implementation Consultant to lead and manage the implementation of ISO 27001:2022 Information Security Management Systems (ISMS) for our clients. The ideal candidate will have extensive experience in information security management, risk assessment, compliance, and the ISO 27001:2022 certification process. This role involves working closely with clients to ensure their information security practices align with ISO 27001 standards and achieve certification.

Key Responsibilities:

Consultation and Assessment:

- Conduct initial gap analysis and risk assessments to evaluate the client's current information security posture.

- Develop comprehensive implementation plans tailored to the client's organizational needs.

ISMS Implementation:

- Design, document, and implement ISMS policies, procedures, and controls aligned with ISO 27001:2022 requirements.

- Establish and monitor risk management processes, including risk identification, evaluation, and treatment.

- Support the development of asset registers, risk treatment plans, and Statement of Applicability (SoA).

Training and Awareness:

- Provide training sessions to staff and stakeholders to build awareness and understanding of ISO 27001:2022 principles and best practices.

- Promote a culture of information security within the client organization.

Audit Support:

- Prepare the organization for internal and external audits by certification bodies.

- Conduct internal audits and ensure non-conformities are effectively addressed.

- Assist clients during the ISO 27001:2022 certification audit process.

Continuous Improvement:

- Provide guidance for ongoing compliance and improvement of the ISMS post-certification.

- Recommend updates to policies and procedures based on evolving threats and business needs.

Stakeholder Management:

- Act as a trusted advisor to clients, ensuring clear communication and alignment on objectives.

- Collaborate with cross-functional teams to ensure the successful implementation of ISO 27001:2022.

Qualifications and Skills:

Education and Certification:

- Bachelor's degree in Information Technology, Cybersecurity, or related field is preferred.

- ISO 27001:2022 Lead Auditor or Lead Implementer certification is preferred.

- Other relevant certifications such as CISM, CISSP, or CRISC are a plus.

Experience:

- Proven experience in implementing and managing ISO 27001:2022 frameworks in diverse organizational settings.

- Strong knowledge of risk management, information security controls, and compliance requirements.

Technical Skills:

- Familiarity with information security management tools and technologies.

- Knowledge of other standards such as ISO 27701 (Privacy Information Management), ISO 22301 (Business Continuity), GDPR, or SOC 2 is advantageous.

Soft Skills:

- Excellent communication, presentation, and interpersonal skills.

- Strong project management and problem-solving abilities.

- Ability to work independently and as part of a team in a fast-paced environment.