Integreon - Assistant Manager - Information Security

- Should be willing to work in shifts to support US/UK office timings i.e. 2pm - 11pm or 3pm - mid night (IST)

- Will be required to travel globally.

- Create awareness on the International standards for information security i.e. ISO 27001

- Be responsible for planning and scheduling of internal and external ISO audits at regular intervals

- Based on the audit results, do a broad analysis and initiate corrective actions at an organizational level to minimize occurrences of repeat non- conformities

- Co-ordinate with process owners to ensure that all non-conformities with respect to standards are closed by facilitating conducting of root cause analysis and taking corrective and preventive actions that eliminates the root causes.

- Maintain up-to-date inventory of the Information Assets and perform Risk Assessments to identify gaps and/or prepare SOA

- Responsible for getting VAPT done through an external vendor for all locations globally.

- Responsible to respond to customer RFP's and queries to internal/external or prospective clients pertaining to ISO standards

- Sustain certifications to ISO 27001:27001.

- Recommend ways and means to improve the organizations compliance to standards and hence demonstrate continual improvement

Lead auditor for ISO 27001:2013 standards

- Knowledge of ISO 9001:2008 (will be an added advantage)

- Excellent English verbal and written communication skills

- Knowledge of MS Word, Excel and PowerPoint

- Knowledge and experience in basic understanding of Network and Windows Operating systems

- Candidate should be familiar with VLAN and Firewall security

- Knowledge and experience of managing VAPT for organization - Candidate should be familiar with review of logs, Systems, Network etc.

- Solid time management skills

- Stakeholder management

Previous Experience Requirements:

- Extensive auditing experience in ISO 27001; experience in ISO 9001 standards will be an added advantage - Must be a certified lead auditor for ISO 27001:2013,

- Certification in ISO 9001:2008 will be an added advantage.

- 6-8 years relevant work experience

- Should have good knowledge and understanding of various concepts of information security, networking, auditing, penetration testing, risk assessment, Vulnerability Assessment (VA) and related issues.

- Relevant professional experience including working knowledge of the following technologies:

- TCP/IP networking including IP classes, subnets, multicast, NAT, DNS, and DHCP, Network troubleshooting, Wireless protocols and service, Remote access, Backup and Disaster recovery, Endpoint security, Patch management, email security etc.