Job Description

JOB DESCRIPTION Lead the implementation of the ISO 27001/27701 standard across the organization, including scoping, planning, and executing ISMS initiatives. Develop and maintain project plans, timelines, and deliverables to ensure successful implementation of ISO 27001/27701 requirements. Conduct comprehensive risk assessments to identify information security risks and vulnerabilities. Develop risk treatment plans and controls to mitigate identified risks in alignment with ISO 27001/27701 guidelines. Develop, review, and update information security policies, procedures, and guidelines to comply with ISO 27001/27701 standards. Ensure policies and procedures are communicated effectively to all employees and stakeholders. Develop and deliver training programs on information security policies, procedures, and best practices for employees and stakeholders. Promote awareness of information security requirements and responsibilities throughout the organization. Plan and conduct internal audits of the ISMS to assess compliance with ISO 27001/27701 standards and organizational policies. Monitor and track corrective and preventive actions (CAPAs) to address audit findings and improve ISMS effectiveness. Maintain documentation of ISMS activities, including risk assessments, policies, procedures, audit reports, and records of compliance activities. Prepare regular reports and presentations for senior management on the status of ISMS implementation, compliance, and improvement initiatives. Qualifications: Bachelors degree in Information Technology, Computer Science, Business Administration, or a related field. Advanced degree (e.g., MBA, Master of Information Security) preferred. Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or ISO 27001 Lead Auditor/Implementer certification required. Minimum of 8+ years of experience in implementing and managing Information Security Management Systems (ISMS) based on ISO 27001/27701 standards. Strong understanding of ISO 27001/27701 requirements, controls, and implementation best practices. Experience in conducting risk assessments, developing information security policies, and managing compliance initiatives. Excellent project management skills with the ability to prioritize tasks, manage timelines, and lead cross-functional teams. Should be working late shift ( Till 5 AM IST) Interested candidates can share CV at Shruti.pachauri@globallogic.com