hello@grailinsights.com

Information Security Specialist

The Information Security Specialist will build a strong internal/external audit structure, enhance awareness of international standards on security and quality, and implement and manage certifications including but not restricted to ISO 27001, GDPR and ISO 9001 (good to have).

Responsibilities

  • Help implement and sustain certifications including but not restricted to ISO 27001 and 9001
  • Create awareness of the international standards for information security (ISO 27001), quality (ISO 9001) and GDPR
  • Be responsible for planning and scheduling of audits at regular intervals
  • Based on the audit results, do a broad analysis and initiate corrective and preventive actions at an organizational level to minimize occurrences of repeat non-conformities
  • Co-ordinate with process owners to ensure that all non-conformities with respect to standards are closed, by facilitating root cause analysis and taking corrective and preventive actions that eliminate the root causes
  • Put a robust escalation system in place to highlight non-closure of non-conformities within the stipulated time frame
  • Conduct periodic management reviews to report findings of the audits to the leadership
  • Respond to customer RFPs and queries to internal/external or prospective clients pertaining to ISO standards
  • Get VAPT done through an external vendor for all locations globally, and ensure timely closure of all VAPT findings by coordinating with the vendor and internal stakeholders
  • Recommend ways and means to improve the organization’s compliance with standards and hence demonstrate continual improvement
  • Maintain and control ISO documentation
  • Assist the delivery center in developing process plans and standard operating procedures
  • Run/conduct an awareness program on ISO for all associates and provide guidance to teams in meeting compliance requirements on ISO standards
  • Implement and execute ISO requirements for the organization
  • Drive the ISMS within the organization
  • Conduct regular reviews of the state of the ISMS with members of the ISF (Information Security Forum)
  • Actively participate in any information security program of the organization
Information Security Specialist
  • Extensive auditing experience in ISO 27001 and ISO 9001 standards
  • Must be a certified lead auditor for ISO 27001; certification in ISO 9001 and GDPR will be an added advantage
  • 1-3 years of work experience

Personal Success Characteristics

  • Good English verbal and written communication skills
  • Knowledge of MS Word, Excel and PowerPoint
  • Basic knowledge and experience of networks and Windows operating systems
  • Candidate should be familiar with VLAN and firewall security
  • Knowledge and experience of managing VAPT for an organization
  • Candidate should be familiar with review of logs, systems, network, etc.
  • Good time management skills
  • Stakeholder management
  • Change management skills
  • Strong analytical mind
  • Eye for detail
  • High level of positive attitude
  • Proactive approach to problem solving