Microland - Associate Manager - Risk & Compliance Information Security (8-10 yrs)
- Accountable for effective implementation of ISMS policy, process and procedures in the organization.
- Perform Risk Assessment, identify risk & suggest mitigation strategy.
- Ensure Policy is up-to-date
- Ensure Process & Procedure documents are in place
- Develop and maintain ISMS documentation on his/her own.
- Publish Weekly, Monthly Dashboard (Organization View & Monthly View)
- Review and provide recommendation for improvement of InfoSec & IT processes
- Ensure all Risk & Compliance gaps are tracked and taken to closure in a timely manner.
- Work closely with the various Support Functions to ensure risks are mitigated.
- Drive InfoSec culture across the organization by sending awareness mails, newsletters, etc.
- Respond to Customer RFP on InfoSec matters
- Ensure the ISMS is in line with the NIST Cybersecurity Framework and the ENISA framework.
- Prepare monthly dashboards for delivery, CISO and Executive leadership.
- Prepare monthly mailers on threat intelligence and inform various stakeholders including our customers.
Desired Profile
- Overall 8+ years of experience, with at least 3 years in ISO 27001 (end-to-end), information security compliance activities, IT security reporting and risk assessment
- Education: Bachelor's degree or equivalent
- Ensure Compliance to ISO27001 Certification Requirements.
- ISO 27K certification or any similar certifications.
- Sound knowledge of the NIST Cybersecurity Framework.
- Advanced-level experience and knowledge in reporting, PowerPoint and Excel.
- Expert-level, demonstrable experience in security policy and implementation.
- Good communication and writing skills
- Ability to talk to various stakeholders, make them understand the importance of ISMS and address their concerns.
- Should be well versed with ISO 27001 standard and should have implemented ISMS within his/her organization.
- Sound, continually updated understanding of cybersecurity and related risks.
- Hands-on experience in implementing ISO 27001:2013 and highly skilled in understanding the standard and mapping it to the organization.
- Sound understanding of InfoSec-related risk assessment and ways to address the risks identified.
- Good understanding of security technologies; hands-on experience with technologies such as endpoint security, email security, perimeter security, etc. is preferred.
Job Location - Bangalore
HR Contact - Arnab Guha