3i Infotech - ISO Compliance Manager

The ISO Compliance Manager (ISO 9001 ) (ISO 27001) is responsible for ensuring that an organization's information security management system (ISMS) complies with the requirements of ISO 27001 standards. This role involves developing, implementing, and maintaining policies, procedures, and controls to safeguard the organization's information assets. The ISO Compliance Manager collaborates with various departments to promote a culture of information security and risk management, ensuring that the organization meets ISO 27001 certification requirements.

Key Responsibilities:

- Working experience as Lead Internal Auditor for ISO operations.

- Managing ISO 9001 and ISO 27001 audits for pan India location Experience in Leading Internal Auditor for ISO operations.

- Managing ISO 9001 and ISO 27001 audits for pan India location ISO 27001 Implementation: Lead the development and implementation of the ISO 27001 standard within the organization.

- Establish and maintain the Information Security Management System (ISMS) in accordance with ISO 27001.

Policy and Procedure Development:

- Develop, review, and update information security policies, procedures, and guidelines.

- Ensure that policies align with ISO 27001 requirements and industry best practices.

Risk Management:

- Conduct risk assessments and vulnerability assessments to identify and prioritize potential threats.

- Implement risk mitigation strategies and controls to address identified risks.

Compliance Monitoring:

- Monitor and assess the organization's compliance with ISO 27001 standards.

- Conduct regular internal audits to identify areas for improvement and ensure ongoing compliance.

Training and Awareness:

- Provide training and awareness programs on information security best practices.

- Foster a culture of security awareness throughout the organization.

- Incident Response: - Develop and maintain an incident response plan to address and manage information security incidents.

- Coordinate incident response activities to minimize the impact of security breaches.

- Documentation and Records Management: - Establish and maintain documentation related to the ISMS.

- Ensure the proper management and retention of records required for ISO 27001 certification.

Collaboration and Communication:

- Work closely with IT, legal, compliance, and other relevant departments to ensure alignment with ISO 27001 requirements.

- Communicate effectively with stakeholders regarding information security matters.

Continuous Improvement:

- Identify opportunities for continuous improvement in the ISMS.

- Regularly review and update security controls and measures to adapt to evolving threats.

Certification Maintenance:

- Manage the certification process and liaise with certification bodies.

- Ensure timely renewal of ISO 27001 certification.

Qualifications and Skills:

- Bachelor's degree in information security, cybersecurity, or a related field.

- Relevant professional certifications (e.g., CISM, CISSP, ISO 27001 Lead Auditor).

- Proven experience in implementing and managing ISO 27001 compliance.

- Strong understanding of information security principles and best practices.

- Excellent communication, leadership, and collaboration skills.

- Experience in conducting risk assessments and audits. Knowledge of relevant laws, regulations, and industry standards. The ISO Compliance Manager plays a critical role in safeguarding the organization's information assets and ensuring ongoing compliance with ISO 27001 standards.