Core Competencies:
- Define, implement and maintain the Information Security Management System (ISMS) and Privacy Standards in compliance with frameworks, standards and regulations such as ISO 27001, Service Organization Controls (SOC), General Data Protection Regulation (GDPR), NIST
- Plan and execute periodic risk assessments using a Risk Assessment and Management Methodology based on ISO 27001 and ISO 31000
- Maintain SOC 1 & 2 Compliance, monitor and report effectiveness
- Define, review and maintain the organizational information security policies, processes, procedures and control framework in line with the ISO 27001:2013 standard and best practice, to ensure they are adequate to address the emerging risks due to changing environment and technology
- Align customers' and internal information security objectives to the ISMS and Privacy Standard
- Conduct Information Security Awareness and Training programs for employees as a part of their induction and regular awareness
- Plan and Co-ordinate BCP and DR tests
- Work with teams on technical implementation and preferably be able to perform hands-on system-related technical tasks as and when required (past experience in IT, AWS and security administration preferred)
What we look for:
- 7-12 years of relevant experience in Information / Cyber Security.
- Graduate in BE/BTech/BSc Computer Science with active CISSP/CISA
- Experience in ISO 27001, SOC and ISO 31000 based Risk Assessment and Management.
- Experience in methodology implementation of ISO 27001, SSAE16/SOC and NIST requirements.
- Knowledge of secure protocols, data protection, encryption mechanisms.
- Knowledge of AWS services from security perspective.
- AWS security certification preferred.
- Experience working in a Big4 in Information / Cyber Security is a must.