Information Security Consultant/Manager Full-time

at Manufacturing client of Endurance in Pune (Published at 23-07-2013)

1. Responsible for ensuring all relevant activities and compliances to the requirements of the ISMS
2. Hands-on experience in leading compliance and remediation efforts for ISO 27001, and in providing interpretations of current policies related to specific situations
3. Experienced in establishing and implementing ISMS & BCMS Framework
4. Experience in Monitoring of Firewalls, IDS, IPS and network devices.
5. Perform information security risk assessment and provide mitigation for the same and ensure the implementation of the recommended controls
6. Prepare Role based access matrix for critical applications and implement the same and handling activities like Access rights review and user access management
7. Review the user exceptions like USB, CD, Internet, webmail, Active Sync, Blackberry etc., and approve the same.
8. Ensure exceptions to be signed off by CISO & Monthly reporting on exceptions
9. Review the VA/ PT report and ensure that all the HIGH severity vulnerabilities are closed before go live date
10. Infrastructure Security
a. Ensure all the hardening documents are reviewed on periodic basis
b. Ensure all the internal critical servers & web servers, desktops, laptops are hardened as per the policy
c. Ensure all the critical servers, desktops, laptops are to be patched with the latest patches
d. Monthly reporting on exceptions
11. Good understanding of the ISMS cycle that includes
a) Asset Identification & Risk Assessment
b) Control Effectiveness
c) Coordinate internal and external audits in coordination with ETPL internal audit team
12. Shall be experienced in providing end-to-end support for implementation and sustenance of an Information Security Management System based on ISO 27001
13. Oversee incident response planning and security breach investigations in consultation with CISO
14. Must have sound knowledge of Business Continuity Planning
15. Supervise development of security awareness and training programs
16. Outsourcing / 3rd Party
a. Review the security requirements of the third party access.

Preferred: ISO 27001 LA, ISO 22301 LA, ITIL, CISA/CISM/CISSP
Years of experience: 3-5 Years in Information Security

Note: Applications have been closed.
