ISMS Consultant

₹ 2,500,000 - 3,000,000 (Year) | Experience 7 - 12 Years
Time Permanent | Location Pune, India

Job Description :

  • Role:- ISMS Consultant
    Location: Pune
    Job Description:-
    The primary function of managed information security services is to support the local information security team and the Chief Information Officer (CIO) in reaching and maintaining the desired maturity level set by the Group. This includes ensuring compliance in key areas such as information security, IT security operations, and risk management. The services are broadly classified into three categories: 'required', 'on demand', and 'optional'.
    • Possess unimpeachable personal and professional integrity. Individuals will be required to submit to a background examination.
    • Good oral and written communication skills in English and native language.
    • Ability to take initiative and ownership of incidents from reporting to resolution.
    • The responsibility of the local company, or client, is to actively participate in the Information Security Management System process.
    • Involves providing essential inputs, especially from business and data owners, and coordinating locally.
    • The client is also accountable for the local enforcement, technical implementation, and monitoring of corrective actions. Furthermore, the top management must ensure a proper organizational structure is in place and allocate the necessary competencies and resources to effectively manage ISMS-related tasks (organizational responsibility).

Recommended Skills :

    • Below is an overview of the fundamental elements of information security, derived from the ISA catalogue.
    • Summary covers the areas of IT and Information Security (IS) where remote or onsite support will be provided by the managed information security services. Support will also extend to broader business functions, when feasible, to meet information security objectives.
    Skills and Experience:-
    • Vulnerability Management
      - Verification of tickets, particularly focusing on ISMS check input for Critical and High vulnerabilities.
    • Risk Analysis
      - Implementation of scanner engine for vulnerability management.
      - Verification of SC Tickets tagged with 'CPN' designation.
    • Third-Party Due Diligence
      - Verification and continuous checks for SaaS suppliers.
      - Monitoring of mobile app activities.
    • Management of IS Exceptions
      - Documentation support for exceptions.
      - Conducting threat modeling exercises.
    • Establishment of Zone Concept and Security Guidelines
      - For security-sensitive areas and departments, adopting the ABW office concept.
    • ISMS Documentation Support
      - Provision of ISMS documentation support within the ISMS Ecosystem.
    • Support for IS and IT Risk Management
      - Support for assurance activities for IS and IT risk management.
      - Support for IS Incident Management.
      - Support for Process Governance.
      - Including PAM fundamentals and assurance checks for system administrators.
    • Support for development of IS Policy Management
      - Covering concept development, instruction, training material and involvement of relevant stakeholders.
    • IS Communication Management
      - Stakeholder management and communication channels.
    • Performing System Hardening Checks
      - Ensuring alignment with risk management and exception processes.
    • Role Segregation in Information Security
      - Defining responsibilities among regional CISOs, LISOs, IT-Security, CERT, etc.
      - Ensuring segregation of duties to prevent individuals from performing too many tasks, implementing principles such as the 4-eye principle.
    • Support for incorporating information security aspects from ICS catalog requirements.
    • Integration of control effectiveness.
      - Processes and ecosystems, particularly within ISMS checks.
    • Support for planning and executing awareness campaigns, along with inventorying and expanding training materials.
    Benchmark Certifications:-
    • CISSP
    • ISO 27k Lead Implementer

Industry :

IT Software & Services

Education :

    • B.Tech / BE

Vacancies : 10

Posted On : 20 days ago

About Company :

Biztegy Analytics Inc

Overview :

: Illinois
: Public Company
: 30 Million
: IT - Software
: 2019
: IT- Hardware / Telecom / Technical Staff