Nimesa - ISMS Lead Implementer

ISMS Lead Implementer

Job description:

Job Title: ISMS Lead Implementer

Job Location - CV Raman Nagar, Bangalore

Experience: 5+ years Reports to: CTO

Qualification: BE/ B.Tech /BSC /BCA/ MTech / ME

About the Role:

We are seeking a skilled and experienced ISMS Lead Implementer to oversee and enhance our Information Security Management System (ISMS). The ISMS Lead Implementer will play a pivotal role in ensuring the confidentiality, integrity, and availability of our information assets. This role requires a proactive individual who can manage compliance with standards like ISO/IEC 27001, conduct risk assessments, and foster a culture of security awareness within the organization.

Key Responsibilities:

1. Developing and Implementing ISMS Policies and Procedures:

- Analyze organizational security requirements and develop comprehensive policies.

- Ensure compliance with standards such as ISO/IEC 27001.

- Regularly review and update policies to align with emerging threats and regulatory changes.

2. Conducting Risk Assessments and Management:

- Identify potential threats and vulnerabilities to information assets.

- Evaluate risks and implement mitigation strategies to safeguard critical information.

- Perform periodic risk assessments to ensure ongoing security.

3. Ensuring Legal and Regulatory Compliance:

- Stay updated on changes in information security laws and standards.

- Advise senior management on compliance requirements and implications.

- Implement measures to achieve and maintain compliance.

4. Managing Security Incidents:

- Develop and maintain an Incident Response Plan.

- Coordinate responses to security incidents, including investigation and corrective actions.

- Conduct post-incident reviews to identify areas for improvement.

5. Training and Awareness Programs:

- Design and implement training programs to promote a security-conscious culture.

- Raise awareness about security policies, roles, and responsibilities across the organization.

6. Monitoring and Reporting:

- Monitor adherence to ISMS policies and conduct regular audits.

- Report information security statuses and audit findings to senior management.

- Recommend improvements based on analysis of trends and assessments.

7. Liaising with External Auditors and Regulators:

- Act as the primary contact for external audits and assessments.

- Provide required documentation and implement recommended actions to ensure compliance.

8. Managing Information Security Projects:

- Plan and execute security initiatives to strengthen the ISMS framework.

- Manage project timelines, resources, and evaluate project outcomes.

9. Maintaining Business Continuity and Disaster Recovery Plans:

- Develop and test business continuity and disaster recovery plans.

- Ensure preparedness for unforeseen disruptions and lead recovery efforts.

10. Collaboration with IT and Other Departments:

- Work with IT to implement technical security controls.

- Coordinate with HR to ensure security practices are embedded in onboarding and offboarding processes.

- Collaborate with other departments to identify and mitigate security risks.

Qualifications & Requirements:

- Experience: 3 to 5 years in ISMS implementation and management.

- Strong understanding of ISO/IEC 27001 standards and information security frameworks.

- Proven ability to conduct risk assessments, manage incidents, and oversee audits.

- Experience in business continuity planning and disaster recovery.

- Excellent communication and interpersonal skills to collaborate with cross-functional teams.

- Strong problem-solving and analytical abilities.

- - the candidate must have a very good communication skill