1. Reinforce the implementation of Information Security policy and IT Risk Guidelines.
2. Review and update IS Guidelines and SOPs
3. Creation of Baselines for controls in IT environment
4. Contribute to Risk Review Committee / IS steering Committee pack for reporting
5. Information Security Exception Management
6. Development and implementation of key compliance frameworks such as Privacy, PCI DSS, etc., as needed
7. Administer Security Incident and Cyber Crisis Management strategy and response
Training and Awareness
1. Train HO/branch personnel on IS / BCM Risk management activities through workshops / Road Shows.
2. Facilitate the creation of a Risk Culture through Risk Awareness
Respond to miscellaneous / Ad hoc requirements
1. Participate in Organizational initiatives and align to Functional Goals
2. Undertake new projects aligned to functional goals
3. Ad Hoc Process / Vendor onboarding reviews
4. Carry out industry research for Risk Assessment.
1. Review the security requirements of third-party access.
2. Review security requirements in outsourcing contracts.
3. Ongoing reviews of key Vendors and ensuring compliance to Company requirements
ISMS Maintenance and sustenance
1. Management of complete ISO 27001:2013 implementation / certification lifecycle activities
2. Ensure compliance to and implementation of ISO requirements such as Risk Assessments / Gap Assessment, Monitoring and Measurements of ISMS, Internal Audit
3. Ensuring timely facilitation of Audit by External Certification Body
4. Reporting of non-conformances raised through the lifecycle and audits to key stakeholders, including Top Management, and ensuring their closure
Audits and RFP
5. Timely response to all Internal, Statutory and Regulatory Audits and working on management responses and Action Items
6. Timely response to all RFP and Client Audits and working on responses and Action Items
Desired Candidate Profile
TopGear Consultants Pvt Ltd.
Contact Company: TopGear Consultants Pvt Ltd.