Job Title: Information Security Convenor
Department: Information Security
Location: Mumbai
Requirement :
· Understanding and atleast 2-3 years experience in the Information Security space
· Certified as Information Security Implementer will be an added advantage
Job Description-
- You will be responsible for assisting and driving the formulation, revision and review of policies, operational procedures and continual improvement through testing, implementation, and monitoring of security measures for the Group across geographies; with our ISO 27001 certification already in place and with SOC2 certification in progress. The role will be focused on security risk management, security improvement, incident response planning, security governance and compliance and assurance activities.
- Your work will be focused on improving the Group’s security posture through activities including facilitating risk assessments, policy development, threat assessments, compliance with security frameworks and regulations, certification with ISO 27001, SOC2 and Cyber Essentials, incident response planning, incident response exercises, supplier security due diligence and more.
- Although not a technical IT role, an understanding of technical security controls and concepts is required covering networks, end point, cloud, and application security.
_ PRINCIPLE DUTIES - INFORMATION SECURITY_
- Ensure the company’s systems align with both the ISO27001, SOC2 and any other industry recognised standards such as NIST and NCSC.
- Carry out risk assessments, identifying controls and monitoring controls against objectives and KPI metrics
- Drafting, updating, and implementing security policies, procedures, and work instructions
- Advising on and assisting with implementation of security governance and assurance activities, steering groups, internal auditing, and security testing activities
- Providing security awareness training and supporting improved security awareness through training and content creation
- Assist in providing ongoing security assurance of third-party suppliers.
- Co-ordinate and review vulnerability testing using tools such as Nessus and other tools and undertake risk analyses and security assessments
- Knowledge share with other team members in security awareness, protocols, and procedures
- Design and conduct security audits to ensure operational security
- Respond in a timely manner to security incidents and provide post-incident analysis and root cause analysis
- Research and recommend security upgrades to improve the company’s security posture
- To liaise with 3rd parties when required
- Input into ad-hoc projects when required
Job Types: Full-time, Permanent
Jadwal:
Application Question(s):
- Kindly mention your notice period
- Kindly mention your current CTC.
- Kindly mention your expected CTC.
- Please mention your current location.
- Total years of experience you have as IT Convenor
Work Location: In person