Hello eager tech expert!
We are looking for an Information Security Specialist with experience in Information Security Governance, Risk, and Compliance (GRC) and strong data and network security concepts. The role will focus on maintaining and managing ISO 27001 certification, handling the overall Information Security Management System (ISMS), coordinating with internal stakeholders, conducting internal audits, facilitating external audits, and supporting information security program management. The ideal candidate should have strong knowledge of security governance frameworks, audit processes, risk management, and compliance requirements.
You’ll break new ground by
Key Responsibilities:
- Maintain and continuously improve the ISMS aligned with the ISO/IEC 27001:2022 standard.
- Support development and enforcement of security policies and governance frameworks.
- Manage ISO 27001 certification and ensure ongoing audit readiness.
- Coordinate internal and external audits and drive closure of findings.
- Conduct and support information security risk assessments and treatment plans.
- Monitor compliance with regulatory, legal, and organizational requirements.
- Maintain risk registers, compliance trackers, and security dashboards.
- Collaborate with stakeholders to ensure security controls are effectively implemented.
- Provide security guidance and awareness across business and IT teams.
- Support cybersecurity and data security initiatives, governance forums, management reviews, and reporting.
- Oversee implementation and effectiveness of security controls (data, access, network).
- Coordinate with technical teams advising on cybersecurity, infrastructure, and application development best practices; embed secure-by-design principles and ensure security controls are integrated throughout the SDLC.
- Advise on security architecture and control implementation across data, applications, infrastructure, and network domains.
- Promote a strong organization-wide security culture and awareness.
You’re excited to build on your existing expertise, including:
Required Skills & Qualifications:
- Bachelor’s degree in Information Security, Computer Science, or a related field.
- 5-7 years of experience in information security, with at least 5 years directly managing and maintaining an Information Security Management System (ISMS).
- Strong knowledge of the ISO/IEC 27001:2022 standard and regulatory frameworks such as NIST Cybersecurity Framework, COBIT, GDPR, and CIS Controls.
- Relevant certifications such as ISO/IEC 27001:2022 Lead Implementer (LI)/Lead Auditor (LA), Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM) preferred.
- Excellent stakeholder management skills and the ability to communicate effectively with various levels of the organization.
- Strong organizational and program management skills.
- Knowledge of NIST TPRM, ISO/IEC 42001:2023, EU AI Act and more will be an added advantage.
Create a better #TomorrowWithUs!
We value your unique identity and perspective and are fully committed to providing equitable opportunities and building a workplace that reflects the diversity of society. Come bring your authentic self and create a better tomorrow with us.
This role is based in Bangalore, but you’ll also get to visit other locations in India and around the globe, so you’ll need to go where this journey takes you. In return, you’ll get the chance to work with teams impacting entire cities, countries and the shape of things to come. We’re Siemens. A collection of over 379,000 minds building the future, one day at a time in over 200 countries. We're dedicated to equality, and we welcome applications that reflect the diversity of the communities we work in. All employment decisions at Siemens are based on qualifications, merit and business need. Bring your curiosity and creativity and help us craft tomorrow.
Find out more about Siemens careers at: www.siemens.com/careers