Information Security Officer (Job Code : J46179)  

 Job Summary
Share this job on Facebook  Share this job on Twitter  Share this job on Linked In
5.00 - 8.00  Years 
Information Security Officer
BE-Comp/IT, BE-Other
Educational Level:
Stream of Study:
Industrial Type:
IT-Software/Software Services
Functional Area:
IT Software - Application Programming / Maintenance
Key Skills:
Vulnerability, risk
Job Post Date:
2022-09-08 18:15:34  

 Company Description
My client provides convergent CRM & Billing, Interconnect, Mediation and Provisioning solutions to fixed, mobile, IP and convergent telecom operators worldwide.

Their areas of focus are Fixed, mobile, cable and multi-service telecom service providers.

Their Key services -

-Implementation and integration

-Product customisation

-Managed services

-Support & maintenance
My clients solutions are designed throughout to be service agnostic and scalable to grow with the client’s business. The inherent product flexibility is reflected in their diverse customer base which spans everything from mobile, fixed line, broadband and fully convergent multi-play operators, to MVNOs and multi-service resellers.

 Job Description
1. Current CTC :
a. Fixed Component :
b. In hand take home :
c. Variable component :
2. Expected CTC :
a. expected in hand component :
3. Notice Period :
4. Reason for Change :
5. Do you have any monetary bond with your current company- :
6. Current Location :
7. Likely time frame to return to Pune:
8. Appraisal Status :
9. Any other offers in hand- :
10. Pune address :
11. Are you a contract employee or permanent?

1. Exp in Vulnerability Assessment & Penetration
2. ISO 27001:2013 - Certification, Understanding
3. Exp in Cloud Security practices

Job Description:
We are looking for an experienced Information Security Officer to work in our
Quality Assurance/InfoSec Function and will be reporting to InfoSec & Quality
Manager with Global company responsibility across our internal and customer
sites. The focus of this position will be on ISO 27001:2013 Control
Implementation and Control Assurance. To protect the personal information of
employee and client to establish and maintain the basic GDPR controls.
Key tasks include:
? To perform the Gap assessment of existing controls against ISO
27001 Annexure controls and guide function POCs to bridge those gaps
? Identify the cost-effective alternatives to ISO 27001 Annexure control and
look after the technical specification and implementation
? Information Security Risk assessment for valuable assets based on NIST
SP 800-30, understanding of ISO 27001:2005 and ISO 27001:2013
? BCP and DR planning and coordination, help the function owner to
conduct the BCP test and collect results to perform analysis
? Perform Internal audits/Compliance checks to assess the adherence to
ISO 27001, ISO 9001 & GDPR
? Perform the audit findings analysis to target the week process area and
draft the action plan
? Perform Network VA scans with the help of Nessus tool and report
vulnerabilities to Infrastructure team
? Take an ownership of control assurance and make sure all the
vulnerabilities are closed, none of the threats are exposed
? Research, develop, implement, test and review my clients information
security in order to protect information and prevent unauthorized access to
internal systems
? Data protection officer experience & knowledge about the GDPR
regulations, DPO certification will be value added
? To update first response to the customer RFP for InfoSec questionnaire,
based upon the information security
? Understanding and knowledge about ISO 9001:2015, PCI DSS, Cyber
Essentials plus
? Hand on experience on Cloud Security practices such as NCSC Cloud
Security Principles for IaaS, PaaS and SaaS
? Constant systems review in order to identify potential security
weaknesses, recommend improvements to amend vulnerabilities,
implement changes and document upgrades.
? Access Control Matrix (ACM) Review of actuals against the planned on
Quarterly basis for different designations
? Coordinate with external auditing bodies/external auditor to perform the
Certification and Surveillance audits