Work Location: Andheri (W) - Near Azad Nagar Metro Station.
Duties and Responsibilities
• Implement and maintain the Information Security Management Systems (ISMS) as per requirements of the PCI DSS, ISO 27001:2013 standards and applicable regulatory requirements
• Conduct independent internal reviews, directly or through qualified external agencies, as per the standards and business requirements
• Identify and formulate the Company’s approach to risk assessment and management and the level of assurance required for all existing and new information processing facilities
• Responsible for review of user rights in access control systems
• Responding to questionnaires received from customers.
• Responsible for handling customer audits.
• Review Information Security policies & create incident response procedures
• Liaise with external bodies such as external security systems consultants, Certification Body, on matters relating to the ISMS
• Responsible for implementing the information security requirements of the organization's Privacy Program
Skills required
• Knowledge of technical domains such as network security, cloud security, application security, control testing, legal and compliance, data privacy, human resource related controls, supply chain, environmental security, cryptography.
• Knowledge of, or some exposure to, concepts such as vendor risk profiling, country risk assessment, outsourcing/technology regulations
• Strong auditing and auditee skills are desired.
• Excellent written and verbal communication skills.
• Ability to work well in teams.
• Demonstrate integrity, values, principles, and work ethic and lead by example.
Qualities/ Competency necessary
• Relevant experience in information security and vendor/supplier/third-party risk assessment.
• Good knowledge of standards such as ISO27001, PCI-DSS, ISO22301, privacy etc.