Soffit

As a candidate for the position primarily responsible for implementing ISO 27001:2013 standard for clients, you will work independently or with senior consultants to ensure information security compliance and best practices are met. Your key responsibilities will include: - Assisting clients in achieving ISO 27001 certification by identifying and implementing appropriate controls in the ISO Audit scope - Conducting risk assessments, coordinating with stakeholders, and ensuring closure signoff/risk acceptance - Defining, developing, and reviewing information security policies, procedures, guidelines, forms, and templates - Creating and reviewing baseline standards for operating systems, databases, web servers, and applications, and recommending improvements - Supporting post-implementation and continuous audits for ISO 27001:2013 to ensure compliance - Developing an organizational information security awareness program and conducting awareness sessions - Recommending measures to ensure compliance with security standards such as ISO, NIST, CIS, PCI DSS, or other best practices In terms of skills required for this role, you should have: - A solid IT foundation and the ability to communicate technical information verbally and through written documentation - Knowledge of security areas such as auditing, policy, database security, firewall design and implementation, risk analysis, identity management, access management, or web services is preferred Additionally, having pre-sales skills such as excellent communication, problem-solving, client-facing abilities, and the capacity to work effectively in a team will be beneficial. It is preferred that you hold ISO 27001/Cybersecurity certifications and express willingness to obtain certifications like Certified Information Systems Security Professional (CISSP) or Certified Information Systems Auditor (CISA).,