Founder at GAMA India
Information Security Specialist - IT (10-15 yrs)
Who are we looking for?
- Demonstrated experience in IT Security Management across IT infrastructure and IT applications.
- Mixed managerial, analytical and technical skills, and knowledge of all aspects of computer security in multiple IT areas: database, development, network, operating systems, IT security, specific applications security, Cloud Security etc.
- Good understanding and writing skills of computer systems security strategies, policies,
- Good knowledge of risk assessment processes
- Good understanding of current legal and regulatory requirements relating to information security and privacy - ISO 17799/BS 7799, ISO 27001:2013
- Up-to-date knowledge of information security; industry certifications covering information security are an added advantage - CISSP, CISM, CISA, CCSP
- Strong team skills and ability to collaborate across functions.
- Strong analytical and communication skills
What will you be doing?
As an Information Security Specialist, you will be responsible for protecting the organization's technology resources and information assets by:
- Ensuring strategic alignment of information security by working with InfoSec Specialist/Sr. Specialist in support of business objectives
- Ensuring confidentiality, integrity, availability of the Information assets
- Ensuring compliance with various standards like ISO 27001 and other applicable regulations
Information Security Governance:
- Establish and maintain a framework to provide assurance that information security strategies are aligned with business objectives and consistent with applicable laws and regulations.
- Define and elaborate the information security strategy in support of the business strategy and direction
- Identify current and potential legal and regulatory issues affecting information security and assess their impact
- Establish and maintain information security policies that support business goals and objectives.
Risk Management:
- Identify and manage information security risks to achieve business objectives.
- Develop a systematic, analytical and continuous risk management process.
- Ensure that risk identification, analysis and mitigation activities are integrated into project and process life cycles.
- Identify and analyze risks through suitable and recommended methods
Information Security Program Management:
- Design, elaborate and manage the information security program to implement the information security governance framework.
- Establish and maintain plans to implement the information security governance framework.
- Define annual information security budget
- Manage the information security budget in implementing the information security program.
Information Security Management:
- Oversee and direct information security activities to execute the information security program.
- Lead, plan, organize, assign, supervise and monitor the work of other team members wherever necessary
- Ensure that the rules of use for information systems and the administrative procedures for information systems comply with the information security policies.
- Ensure that services provided by other enterprises, including outsourced providers, are consistent with established information security policies.
Response Management:
- Establish and manage the capability to respond to and recover from disruptive and destructive information systems events.
- Design and implement processes for detecting and analyzing security-related events.
- Develop response and recovery plans, including organizing, training, and equipping teams.
- Ensure that periodic testing of the response and recovery plans is appropriate