Brief About the Company :

EdGE Networks is a leading skill development and technology solutions provider based in Bangalore, India. EdGE Networks connects the right person to the right job, with our platform for skill development, connecting every potential employer with every potential job seeker. HIREalchemy, our platform caters to Talent Acquisition as well as Workforce Optimization. We re-engineer Human Resource Management to empower industries, human resources, and the job seeker community, to create a community of skilled manpower. EdGE's trump card lies in its ability to identify skill gaps and fill those with skills that empower employment using technologies. For more details, please login to www.edgenetworks.in and www.hirealchemy.com

Do apply if any of this sounds familiar!

Designation : Infosec Enigneer

We are looking a candidate with hands-on experience in risk management and governance covering the aspects of information security, business continuity management, operational security and data privacy. The candidate shall be capable of creating documents, designing SOPs, conducting audits, reporting findings and tracking them to closure by working with related parties. The candidate shall also be technically sound to manage the security tools. The candidate should have knowledge of Business Continuity Management and should be well versed with various models and concepts of risk management, governance covering operational, business and information security frameworks, processes and functions.

Experience in a similar role with an SMB/start-up would be preferred.

Kindly revert us with updated resume and below questionnaire .

a. What OSs/application ecosystems do you have a hands-on experience in?

b. What is the level of experience/expertise with respect to compliance management in a cloud primary eco-system?

c. If so, which cloud eco-system (AWS/Azure/ GCP) is it?

d. Are there any certifications (CISA/CISSP etc) that you might happen to have?

Primary functions of the role :

- Knowledge of industry standards like ISO 27001/27002 and have worked on ISMS, with a practical and pragmatic approach to needs, standards, and functions

- Identify scope of risk assessments and assist business in conducting business impact analysis

- Establish and maintain relationships with third parties and relevant business and InfoSec/Privacy stakeholders

- Coordinate with internal risk assessors and third parties/business for flawless execution of risk assessments

- Maintain Risk, Issue and Change registers for information security

- Conduct periodic assessments, report findings with related teams and work to get them closed in accordance with the policy framework adopted

- Review risk reports, risk SLAs/performance metrics for assigned business units

- Mapping business processes with risk areas

- Develop and implement a mechanism for defining and maintaining information flow maps within org, and between the org and client organizations - providing controls where necessary

- Participate in risk report discussion with a third party and internal business

- Engage respective business units to resource and monitor risk treatment to ensure compliance with Sony's information security policies and standards

- Experience in articulating risk management concepts to all levels of the organization

- Develop presentations; effectively lead meetings and conference calls for third-party risk assessments involving IT, business, third party contacts

- Shall have the technical background to manage security solutions

- Evaluating security products and recommending the solutions

- Perform various day to day activities related to information security

- Exposure of Content filtering and Data loss prevention

- Maintain currency with security and security enhancing technologies and brief colleagues as needed to enable measures to be implemented where and when necessary/desirable

- Conduct a periodic audit of projects. Provide advice and take action, where necessary, in response to Audit findings and recommendations in respect of information security

- Undertake any other duties commensurate with the grading of the post

Non-technical skills :

- Excellent analytical and problem-solving skills

- Work well with others in a culturally diverse environment

- Understanding business requirements for large and complex business environments

- Ability to learn and assimilate information from multiple people and resources

- Should be inquisitive and a fast learner

- Able to manage multiple projects simultaneously, with strong ability to prioritize multiple tasks and respond to emergencies, organize and schedule work effectively

- Exceptional communication, collaboration, and advocacy skills, both verbal and written, with the ability to express complex and technical issues as an understandable language to all levels of personnel within the organization, and with clients and other stakeholders.

This job opening was posted long time back. It may not be active. Nor was it removed by the recruiter. Please use your discretion.