Job
Description
Key Responsibilities Documentation Management: Take ownership of all cyber and security-related documentation, including policies, procedures, guidelines, and training & awareness materials. Ensure documents are up-to-date, accurate, and readily accessible. Security Alert & Incident Review: Review security alerts and incidents specifically related to governance & compliance, data loss prevention (DLP), and adherence to established policies & procedures. Escalate and assist in the investigation of incidents as required. Audit Liaison: Liaise with both internal and external auditors during security-related audits mainly ISO 27001 and IT General Control. Assist in the preparation of audit materials, respond to audit findings, and track remediation efforts. Third-Party Risk Assessment: Assist the business in conducting third-party risk assessments, ensuring vendors and partners meet the organization's security requirements. Project Support: Provide project support to Cyber Security projects, including documentation, coordination, and tracking of tasks. ISO 27001 Implementation: Contribute to the ISO 27001 implementation and documentation. Main Accountabilities Maintaining and updating cyber security documentation (policies, procedures, guidelines, training materials) Contributing to the effectiveness of the organization's security governance, risk, and compliance program. Supporting successful internal and external security audits. Assisting in the identification and mitigation of security risks associated with third-party vendors. Supporting the delivery of Cyber Security projects on time and within budget. Contributing to the successful implementation and maintenance of the ISO 27001 Information Security Management System (ISMS). Requirements Tertiary qualifications at a degree level in an appropriate discipline (e.g., Information Security, Information Technology, Computer Science) or equivalent industry-relevant experience. A minimum of 6 years of experience in a security-related role or IT Audit. Effective verbal and written communication skills, with the ability to clearly articulate technical concepts to both technical and non-technical audiences. Ability to explain security concepts to users and stakeholders in a clear and understandable manner. Demonstrated experience in the production of documentation using standards and notations (e.g., flowcharts, diagrams). Solid understanding of security governance, risk, and compliance principles and frameworks Location : Hyderabad Mode of work : Hybrid ( 2 days WFO) Shift : 8.00 AM to 5.00 PM Notice Period : Immediate to 30 days Full Time opportunity
