Role : Manager
Location of Posting : Bangalore
Educational Qualification : B.E/B.Tech
Minimum - Maximum Years of Experience : 6-10 years
Profile/Skill Sets :
1. Information security concepts and principles, including confidentiality, integrity and availability of information.
2. Knowledge of Enterprise security architecture (Security technologies, Operating systems, databases, network, applications)
3. Threats and vulnerabilities related to: business processes, emerging technologies, data management, IT operations, third party relations, Critical assets, infrastructure, applications etc.
4. Information Security Management System (ISMS) ISO 27001, 27002
5. Knowledge of Information security baselines like SOGP, NIST cyber security framework etc.
6. Cyber security risk management standards like:
   o ISO 27005 Information Security Risk Management Standard
   o ISO 31000 Risk Management Standard
   o NIST and ISF Risk Management best practices
   o IRAM (Information Risk Assessment Methodology) from ISF
7. Risk scenario development tools, techniques
8. Quantitative and Qualitative risk assessment methodologies (FAIR, IRAM, ISO 31000 etc.)
9. Knowledge of Organization policies, standards, processes
10. Control assessment types (e.g., self-assessments, audits, vulnerability assessments, penetration tests, third-party assurance)
11. Knowledge of IT-GRC tools like Archer, Metric Stream
12. Supplier Information security risk assurance: basic knowledge of standards like ISO 27036 - Information security for supplier relations, Shared assessment model.
13. Information security certifications like Security+, CCNA, CISA, CISSP preferred.
14. Stay abreast of the fast-changing world of Information Technology and Cyber Security.
Others:
1. Good verbal and written communication skills mandatory
2. Strong analytical capabilities
3. Self-starter, positive mentality and a go-getter attitude mandatory.