SkillSet: access control, risk management, disaster recovery, security controls, iso 27001.
Experience: 3-10 years
Notice Period: 30 days
IT security, IT auditing, IT Disaster Recovery, IT Security Controls, Risk Assurance, communication skills, analytical skills
- Work on ISO 27001 & NIST based Information Security Management System implementation and sustenance.
- Responsible for SOX (IT Security Controls) and tracking the monthly/quarterly/annual control reports and driving effectiveness of SOX controls.
- Work on Business Continuity Planning, IT Disaster Recovery as per ISO27001 & NIST requirements
- Assess information security posture, identify the gaps/risks in the existing environment and develop solutions to mitigate the identified gaps/risk
- Conduct Information Systems audits covering IT infrastructure assets
- Working knowledge in security domains such as: security governance policies and procedures, risk management, compliance, access control, network security, security architecture, security incident response, disaster recovery, business continuity management, privacy and data protection
- Experience in leveraging industry standards and frameworks such as ISO/IEC 27001, NIST CSF/800-171, etc.
- Possesses certifications such as ISO27001 LA. CISSP, CISA certification- preferred
- Experience in information systems audit and/or security
- Information Systems related professional experience
- Comprehensive knowledge of IT auditing standards and techniques
- Strong written and verbal communication skills, with good attention to detail
- Understanding of IT Process, IT Infrastructure (applications, databases and operating system) and related technologies i.e. Oracle, Windows, Linux etc
- Highly competent at interpreting data, analysing problems and formulating solutions to present to management level and above