- Perform Security Risk Assessment at the Project / Account / Organization level.
- Information Security Policy and its related maintenance
- Application/Systems architecture security review, Risk assessment and Security Risk Handling
- Security Compliance Review and Reporting as per CIS 20 Standard, KPI monitoring and dashboard reporting
- Security SLA Preparation and Reporting
- Security Awareness Training for employees and outsourced staff
- Involvement in the various steps of Secure Development maintenance and improvement, for review and approval
- Closure and support of Internal and External Audit
- Support in defining and creating the security baseline/hardening document
- VA/PT report review and exceptions approval
Qualifications, Essential Skills/Experience Information Security Consultancy:
- Mandatory Certification: One of CISSP or CISM.
- Security Experience of 6-10 Years.
- Should have a decent understanding of security technologies and threat vectors. Should have strong documentation skills. Required skill mix: 70% Risk + 30% Infra Security
- Developing and implementing Enterprise Security Strategy, Governance Frameworks, Standards, Policies
- Well conversant with ISO 27001, CIS 20, NIST, system hardening standards, CIS benchmarks.
- Good understanding of security gap analysis approach, risk assessment principles / methodologies / techniques, compliance management and the interpretation/application of their output in the definition of Security management and governance.
- Good understanding of key areas in Information Security and ability to apply them appropriately. Capable of delivering Security Strategies as part of a broader Enterprise or IS / IT Architecture.
- Professional Accreditations: one or more of the following certifications would be preferred: ISO 27001 LA, CISSP, CISA, CISM or equivalent.