This job ad was posted over 30 days ago...



ISMS Consultant Full-time

at Auriseg Consulting Private Limited in Chennai (Published at 24-07-2017)

Location: Chennai (candidate should be open to onsite projects in India, the Middle East and the KSA region)
Experience Required: 4-6 years
Job Purpose: Perform information security audits based on ISO 27001, PCI DSS, NESA-ISR, SOX and other standards, as well as applicable legal compliance requirements

Job role:

Identify and assess potential security risks for the client's production environment, and evaluate, specify and propose appropriate organizational, procedural and technical security measures to mitigate the risk of a compromise of client assets impacting the availability, confidentiality and integrity of services and data, corporate image or brand.

Supporting activities related to the Risk Register.
Supporting activities related to ISO27001 certification, SSAE16 and PCI-DSS.
Support and track activities for Risk Mitigation.
Identify, monitor and report on ISMS (Information Security Management Systems) KPIs.
Analyse ISMS performance and follow up on corrective actions as well as improvement initiatives.
The proposed measures should be in line with the relevant Corporate Security Directives as well as with Compliance and Industry standards in the Security area.
Regularly review the effectiveness of the implemented security controls and adherence to them by conducting internal audits or supporting external audits.

Main Responsibilities:

Regularly review, assess and validate effectiveness of all controls.
Regular compliance review of implemented security policies, procedures and measures.
Regularly review and report on Security and Compliance alignment.
Support internal and external security audits for clients.
Analyze and control areas of responsibility affecting Global Operations risk, security and compliance as well as conducting a performance review.
Need to support as an individual contributor.

Skills & Knowledge – Technical / Functional:

Expertise in security policies, standards and procedures
Expertise in security controls
Good understanding of Internet protocols, applications, operating systems, cryptographic methods
Good understanding of network and systems architecture
Good understanding of physical security
Excellent understanding of security and auditing standards such as ISO27001, NESA-ISR and PCI/DSS (additional auditing standards a plus)
Good presentation and communication skills
Project management skills
Basic understanding of the major laws and compliance standards which may impact a specific security set-up
Good understanding of Data Privacy
ISO 27001 Lead Auditor / Lead Implementer knowledge
Fluent in English

Education and Years of Experience:

BE, B.Tech or MCA, MSc in Computer Science or equivalent Degree.

5+ years of overall experience, of which 3+ years should be purely in Information Security and Audit areas.

Project management experience

Several years of IT Security and/or IT Risk Management experience
Industry Certification in Security or Auditing area (e.g. CISSP, CEH, CISA, ISO Lead Auditor, ISO LI).

Note: Applications have been closed.
