If you have any career-related query, or the details excite you to join us, you may reach us at [email protected]
- Conduct based on various IT security compliances (such as CISA, ISO 27001, PCI DSS, NIST SP 800-53, etc.) and support organization to remediate the identified risks
- Design policy framework based on ISO 27001:2013
- Define controls as per ISO 27002:2013/15 framework
- Define controls as per NIST SP 800-53 framework
- Conduct ISMS audit for clients
- Develop and maintain audit checklist and documents
- Work closely with the VAPT team
- Create and update the hardening checklist
- Help clients upgrade from the old standards, e.g. ISO 27001:2005 to ISO 27001:2013
- Perform risk assessment and impact analysis
- Map various compliances to each other
- M.Tech or B.Tech/B.E./BCA in Computer Science or Information Technology
- Candidates with a Security & Compliance certification (CISA, CISM, ISO 27001 LA, etc.) will have an added advantage
- Basic knowledge of IT infrastructure management, networking, and server operating systems (Windows, Unix or Linux)
- Good knowledge of IT security and service management standards & guidelines (ISO 27001/PCI DSS/SOC 1 & 2/NIST CSF, HITECH, ISO2000, ISO 9001 & others)
- To attend IT audits (compliance, security) based on guidelines and standards (ISO 27001/PCI DSS/SOC 1 & 2, NIST CSF, HITECH & others)
- To work with the concerned stakeholders on closure of gaps mentioned in assessment and audit reports
- Capability discussion with internal & external clients on IT security controls & compliance posture
- Review IT policies and process documents, and define new policies according to best practices as laid down in various standards
- Experience across business continuity framework and standards