ISO Auditor

Job Summary: We are seeking a highly skilled and detail-oriented ISMS (Information Security Management System) Analyst to join our team. The ISMS Analyst will be responsible for ensuring the effectiveness, implementation, and maintenance of our Information Security Management System in accordance with industry best practices and regulatory requirements. The ideal candidate will possess strong analytical abilities, excellent communication skills, and a deep understanding of information security principles. 2. Responsibilities: A. Implementation and Maintenance: Develop, implement, and maintain the Information Security Management System (ISMS) framework based on industry standards such as ISO 27001, NIST, and other relevant frameworks. B. Risk Assessment: Conduct risk assessments and vulnerability scans to identify potential threats and vulnerabilities to the organization's information assets. C. Policy Development: Assist in the development, documentation, and implementation of information security policies, procedures, and guidelines. D. Compliance Monitoring: Monitor compliance with information security policies, standards, and regulations. Ensure that all security controls are implemented and maintained effectively. E. Security Incident Response: Participate in security incident response activities, including investigation, analysis, and resolution of security incidents. Develop incident response plans and procedures. F. Security Awareness: Develop and deliver security awareness training programs to educate employees on information security best practices and policies. G. Continuous Improvement: Identify opportunities for improvement in the ISMS framework and security controls. Recommend and implement enhancements to strengthen the organization security posture. H. Documentation: Maintain accurate and up-to-date documentation related to the ISMS, including policies, procedures, risk assessments, and audit reports. I. Collaboration: Collaborate with cross-functional teams, including IT, compliance, legal, and business units, to ensure alignment of security initiatives with business objectives. 3. Requirements: A . Bachelors degree, Computer Science, or related field. Relevant certifications such as ISO 27001, CISSP, or CISM Lead Auditor/Implementer are preferred. B . Proven experience in implementing and maintaining Information Security Management Systems (ISMS) based on industry standards such as ISO 27001, NIST, or equivalent frameworks. C . Strong understanding of information security principles, risk management, and regulatory requirements (e.g., ISMS, SOC 2, GDPR, PCI DSS). D. Experience conducting risk assessments, vulnerability scans, and security implementation and audits. E. Excellent analytical and problem-solving skills, with the ability to analyze complex issues and recommend effective solutions. F. Excellent communication skills, with the ability to effectively communicate technical information to non-technical stakeholders. G. Strong project management skills, with the ability to manage multiple tasks and projects simultaneously. H. Ability to work independently and collaboratively in a fast-paced environment. 4. Benefits: A . Competitive salary B . Health Insurance C. Paid time off D. Professional development opportunities E. Learning about different domains and departments Interested candidate can also share their resume at smitha.k@hiringedge.in Job Type: Full-time Pay: ₹600,000.00 - ₹650,000.00 per year Benefits: Provident Fund Schedule: Day shift Monday to Friday Work Location: In person