Ensure services are provided in accordance with the ISO 27001:2013 standard
Maintain necessary documents and records to satisfy the requirements of ISO 27001
Conduct information security training and awareness for all staff and ensure compliance with the security quiz
Ensure risk assessment registers are maintained and risk assessments performed
Security incident management (identify security events / incidents, conduct investigation, gather evidence, report to relevant authorities, suggest preventive measures and closures)
Partner with admin team and ensure controls are implemented in physical & environmental security domains
Partner with HR and ensure controls are implemented in HR domain
Access control
Compliance with systems and networks security
Compliance with information backup
Ensure vulnerability and penetration tests are conducted for equipment
Ensure a formal methodology is used for systems development and maintenance; conduct application security reviews
BCP / DR (ensure BCP / DR is in place, perform drill tests, reporting etc.)
Compliance with various laws and regulatory / statutory requirements (e.g. GLBA, HIPAA, UK DPA, PCI DSS, SOX, local laws, etc.)
Coordinate with the client's security manager on a regular basis, provide monthly reports and ensure compliance
Perform internal audits and closure. Assist in client / external audits
CISA/CISSP Certificate Mandatory
Desired Experience:
1) Excellent verbal and written communication skills
2) Good report writing skills
3) Process driven and has an eye for detail
4) Good interpersonal skills, self-motivated, willingness to take on challenges and adaptability to change
5) Sound network security and information security skills
6) Knowledge of PCI DSS is desirable