Primary Unit: Infosec
Position: Sr. Information Security Consultant
Mandatory skills: ISO 27001, ISO 9001
Optional skills: ISO 9001, PCI DSS, GDPR/PIMS, CISA, CISM
Experience (in years): 5+
Type of hiring: Permanent
Number of openings: 1
Need an Information Security Consultant as per the JD below:
ISO 27001:2013 Lead Implementer / Lead Auditor (Required)
CISM/CISA Certification (Optional)
Expertise in Information Security Consulting for ISO 27001:2013 or any relevant standard such as ISO 27005
Strong written, communication and presentation skills
1. Consulting experience in providing information security solutions for client’s business & IT services
2. Should have experience in managing information security systems for organizations based on the ISO 27001 standard or other related standards.
3. Should be experienced in implementing & managing ISO 27001 related activities such as:
o Policy & Procedure creation
o Risk Management
o Defining Controls
o Supporting implementation of identified controls
o Conducting Internal Audits
o Security Awareness training
o Front-ending management review meetings
o Recommending process / security solutions to business team
o Understanding of IT services and related controls
o Incident management
o Supporting client during External audits
etc. across all domains of Information security
4. Managing client’s information security setup based on their contractual security requirements.
5. Ensuring compliance and reporting on the performance of controls.
6. Should have capability to prepare case studies for various IT security needs.
7. Should be self-motivated and capable of front-ending, managing and delivering projects.
8. Should possess good experience in auditing IT security controls & knowledge of:
o Log analysis
o Patch management
o Security Incident handling & management
o Data analysis & presentation
o Security awareness training and evaluation
o Logical and physical access reviews
o Identifying gaps and mitigation steps, etc.