TCS - Information Security Analyst

Ensure services are provided in accordance with ISO 27001: 2013 standards

Maintain necessary documents and records to satisfy the requirements of ISO 27001

Conduct information security training and awareness of all staff and ensure compliance to security quiz

Ensure risk assessment registers are maintained and risk assessments performed

Security incident management (identify security events / incidents, conduct investigation, gather evidence, report to relevant authorities, suggest preventive measures and closures)

Partner with admin team and ensure controls are implemented in physical & environmental security domains

Partner with HR and ensure controls are implemented in HR domain

Access control

Compliance with systems and networks security

Compliance with information backup

Ensure vulnerability and penetration tests conducted for equipment

Ensure formal methodology are used for systems development and maintenance, conduct application security reviews

BCP / DR (ensure BCP / DR is in place, perform drill tests, reporting etc.)

Compliance with various laws and regulatory / statutory requirements (e.g. GLBA, HIPAA, UK DPA, PCI DSS, SOX. Local Laws etc.)

Coordinate with clients security manager on regular basis, provide monthly reports and ensure compliance

Perform internal audits and closure. Assist in client / external audits

CISA/CISSP Certificate Mandatory

Desired Experience:-

1) Excellent verbal and written communication skills

2) Good report writing skills

3) Process Driven and has eye for detail

4) Good interpersonal skills, self-motivated, willingness to take on challenges and adaptability to change

5) Sound network security and information security skills

6) Knowledge on PCI DSS is desirable