- Carry out Privacy risk and impact assessment for client operations and technology infrastructure
- Assist Risk management functional leaders in overseeing compliance activities relating to information security
- Promote security awareness by developing and implementing a security awareness and training program
- Establish metrics and regular reporting mechanisms for measuring success
- Assess security protocols and recommend upgrades, patches, new applications and equipment, as needed
- Assist in vendor security risk assessments with business stakeholders and manage deficiencies and exceptions
- Assist in writing security policies for Elevate
- Assist in Information Security governance process including Policy and Standards across the organization
- Manage ISO 27001 ISMS audits and certification program
- Provide oversight on the reporting and assist IT Stakeholders in defining IT strategy, information architecture and other technology directions
- Conduct assessments/reviews of IT processes and recommend actions for improving IT governance maturity using reference frameworks like ISO 27001/ITIL/others
- Operate and maintain the Information Security Management System (ISMS) of IT services based on ISO 27001
- Plan and implement ISMS in key business functions
- Assess and manage information risks enterprise risk management
- Manage Information Security policy and procedure documents, including but not limited to incident response, IT security policy, segregation of roles and responsibilities, audit plans, methodology, risk register, etc.
- Develop and institute standards, policies, procedures, guidelines
- Maintain compliance with accreditations/certifications like ISO 27001 (surveillance, recertification audits)
- Assist in compliance with policies and all applicable external regulations as required
- Oversee Security Awareness program at organizational level including the Information Security training programs for staff and work towards continuous improvements
- Interface with business users, collect their feedback on Information Security performance, and drive improvements
- Provide reports to senior management for review of information security risk and governance
- Keep abreast of the latest security and privacy regulations, advisories and alerts