ISO 27001 - Compliance Manager - Mumbai, India - Protectt Labs Pvt Ltd

    Protectt Labs Pvt Ltd Mumbai, India

    1 week ago

    Full time
    Description

    Job description:

    • 3-10 years of experience required
    • Management and execution of internal and third-party information security audits, through on-site or remote reviews of new and existing suppliers, ensuring compliance with the organization's Information Security Standards.
    • Determine the appropriate levels of controls to safeguard sensitive data and validate those controls are being implemented at third-party supplier sites.
    • Provide a full write-up of the Assessment that includes the results and identifies any IS Gaps/risks the business will have to report and address with the third-party supplier.
    • Work with BISOs and Business Managers to follow up on all issues identified via on-site reviews utilizing appropriate tracking systems.
    • Work with BISOs and Business Managers to remediate supplier-identified issues, including Encryption, Data Authorization, and Data Transitions.
    • Maintain records regarding all reviews and remediation of identified issues within the approved corporate tools/systems.
    • Provide guidance to the business customers preparing for external audits that cover Third Party Assessments, resolving audit inquiries about specific write-ups/documentation.
    • Serve as the focal point for addressing questions and issues related to Internal and Third-Party Information Security audits execution and status.
    • Interact with all lines of business to understand trends and events that will impact the Internal and Third-Party Vendor Services.

    Qualifications:

    • Domain expertise in Cyber Security Consulting, ISO 27001.
    • Management of the Information Security System of the Organization (ISMS) in line with ISO27001.
    • Consultancy in IT Security solutions for internal as well as Client's offshore delivery IT infrastructure.
    • Should hold IT security certifications such as CISSP/CISM/CISA/CPISI (optional).
    • Implementing and managing ISO 27001-related activities (Risk Assessment, Controls Testing, etc.) across all domains of Information Security.