ISMS Lead Implementer

3.0 - 6.0 years

4.0 - 7.0 Lacs P.A.

Bengaluru

Posted: 4 days ago | Platform: Naukri

Skills Required

Information Security Management System, Risk Assessment, business continuity planning, incident management, disaster recovery, technical security

Work Mode

Work from Office

Job Type

Full Time

Job Description

Experience: 5+ years
Reports to: CTO
Qualification: BE / B.Tech / BSC / BCA / MTech / ME

About the Role:

We are seeking a skilled and experienced ISMS Lead Implementer to oversee and enhance our Information Security Management System (ISMS). The ISMS Lead Implementer will play a pivotal role in ensuring the confidentiality, integrity, and availability of our information assets. This role requires a proactive individual who can manage compliance with standards like ISO/IEC 27001, conduct risk assessments, and foster a culture of security awareness within the organization.

Key Responsibilities:

1. Developing and Implementing ISMS Policies and Procedures:
- Analyze organizational security requirements and develop comprehensive policies.
- Ensure compliance with standards such as ISO/IEC 27001.
- Regularly review and update policies to align with emerging threats and regulatory changes.

2. Conducting Risk Assessments and Management:
- Identify potential threats and vulnerabilities to information assets.
- Evaluate risks and implement mitigation strategies to safeguard critical information.
- Perform periodic risk assessments to ensure ongoing security.

3. Ensuring Legal and Regulatory Compliance:
- Stay updated on changes in information security laws and standards.
- Advise senior management on compliance requirements and implications.
- Implement measures to achieve and maintain compliance.

4. Managing Security Incidents:
- Develop and maintain an Incident Response Plan.
- Coordinate responses to security incidents, including investigation and corrective actions.
- Conduct post-incident reviews to identify areas for improvement.

5. Training and Awareness Programs:
- Design and implement training programs to promote a security-conscious culture.
- Raise awareness about security policies, roles, and responsibilities across the organization.

6. Monitoring and Reporting:
- Monitor adherence to ISMS policies and conduct regular audits.
- Report information security statuses and audit findings to senior management.
- Recommend improvements based on analysis of trends and assessments.

7. Liaising with External Auditors and Regulators:
- Act as the primary contact for external audits and assessments.
- Provide required documentation and implement recommended actions to ensure compliance.

8. Managing Information Security Projects:
- Plan and execute security initiatives to strengthen the ISMS framework.
- Manage project timelines, resources, and evaluate project outcomes.

9. Maintaining Business Continuity and Disaster Recovery Plans:
- Develop and test business continuity and disaster recovery plans.
- Ensure preparedness for unforeseen disruptions and lead recovery efforts.

10. Collaboration with IT and Other Departments:
- Work with IT to implement technical security controls.
- Coordinate with HR to ensure security practices are embedded in onboarding and offboarding processes.
- Collaborate with other departments to identify and mitigate security risks.

Qualifications & Requirements:

- Experience: 3 to 5 years in ISMS implementation and management.
- Strong understanding of ISO/IEC 27001 standards and information security frameworks.
- Proven ability to conduct risk assessments, manage incidents, and oversee audits.
- Experience in business continuity planning and disaster recovery.
- Excellent communication and interpersonal skills to collaborate with cross-functional teams.
- Strong problem-solving and analytical abilities.
- The candidate must have very good communication skills.

Technology / Software Development
Innov City
