The GRC Manager will, inter alia, be responsible for the following:
- Plan and establish an organization-wide Information Security Management System (ISMS) in accordance with the ISO/IEC 27001 standard and other relevant security standards.
- Evaluate compliance with respect to legal and regulatory requirements for information security.
- Perform an information security audit at least annually or whenever significant changes have been made in IT systems / infrastructure.
- Prepare an information security audit report along with recommendations for improving information security.
- Monitor and manage information security risks and highlight them to various stakeholders
- Monitor information security measurement metrics and other key performance / risk indicators on a regular basis
- Review information security / IT policies, standards, procedures, guidelines and processes.
- Review products / applications for various information security risks and suggest control measures to mitigate them
- Help in defining / documenting information security presentations to various stakeholders
- Give information security awareness training to employees and third parties
- Help in defining and monitoring cloud security controls
- Enforce and monitor implementation of approved information security policies, procedures, guidelines, the ISMS, etc.
- Design and issue alerts and advisories with respect to new vulnerabilities / threats to all concerned.
- Continuous monitoring of security incidents. Take remedial action to reduce the sam