Role: Specialist I – Information Security
Location: Kochi
Type: Full-time
Job Description:
- With strong knowledge of the applicable compliance standards, independently handle internal/external compliance audits and VAPT/Red Teaming assignments. Be more involved in risk assessment and remediation. Communicate effectively with the customer to understand the requirements and convey them clearly to the team. Handle the assigned tasks with minimal supervision.
- Should handle the assigned tasks from the allocated domain with minimal guidance from the leads. (Domain examples: BCMS, risk assessment, incident management, HITRUST, SOC, customer assurance, awareness activities, data privacy, VAPT, Red Teaming, etc.)
- Handle (with minimal guidance from the supervisors) internal/external compliance audits to ensure compliance with ISO 27001/ISO 22301/ISO 27701 requirements as well as process-specific requirements.
- Responsible for the effective documentation of internal audits (reports) and external audit documentation.
- Help the team with effective external audit facilitation and the related responsibilities.
- Point out the non-conformance areas related to information security with assistance from the supervisor.
- Ensure that policies are updated as and when required and eliminate discrepancies with old policy versions.
- Conduct information security awareness training programs for all employees, contractors and approved system users.
- Evaluate IT Controls’ implementation and perform Risk Assessment.
- Carry out technical vulnerability assessments of IT systems and processes to identify potential vulnerabilities. Make recommendations to control any risks identified and ensure that they are implemented.
- Collect, review and analyse the latest technologies and tools.
- Analyse user requirements and steps required to perform the VAPT/Red Teaming.
- Interact with and communicate detailed technical requirements to the team.
- Lead Security Assessment scoping independently based on security standards like OWASP.
- Lead Web Application Penetration Testing, Network Penetration Testing, Mobile Penetration Testing and Code Review independently based on the guidance from leads.
- Learn and understand existing and emerging security management practices.
- Independently handle the evidence collection from multiple teams as part of any external audits.
- Assist in customer assurance activities.
- Assist in the process automation activities.
- Mentor and Lead A band employees.
Measures of Outcomes:
- Number of internal audits and security assessments conducted per year.
- Number of external audit facilitation activities.
- Number of Threats/Risks/Vulnerabilities reported per year.
- Number of NCs in external audits on assigned domains.
- Number of areas of responsibility on cross domains.
- Performance of ISMS/BCMS/PIMS/QMS in the responsible centre/regions.
- Awareness activities conducted and the percentage of adoption in the responsible centre/regions.
- Noticeable initiatives taken to improve the process.
- Fewer than two stakeholder escalations.
- More than three appreciations from the stakeholders/supervisors.
Documentation:
- Policy and Procedure amendments
- Awareness training materials
- Presentation decks for internal/external discussions
- Audit/Security Assessment reports
BCAA UK CDSP CISSP Certified Professionals.
Preference to ISSS trained professionals
Please send your resumes to jobs@isss.org.uk
Mention “Specialist I – Information Security – Kochi” in the subject.
Mention your:
- Current CTC
- Expected CTC
- Notice Period
- Current Location
Additionally, register using this link:
https://docs.google.com/forms/d/e/1FAIpQLSe1-FxmJMLOIvrGnBpQypV64VoRKIhQlcewpXt13RJTuPmLrQ/viewform?usp=pp_url
Join us for cyber jobs and trainings by ISSS in this group
https://chat.whatsapp.com/DMAFQ1OqJC0CuKExbfC8UM
If you feel the job is fake please refrain from applying. It saves your time and our time.