What You’ll Do
Develop, implement and monitor a strategic, comprehensive enterprise information security and IT risk management program
Work directly with the business units to facilitate risk assessment and risk management processes
Design, develop and maintain Information Security policies, controls, procedures, standards, and guidelines based on ISO 27001:2013, define controls as per the ISO 27002:2013 / 15 framework, and ensure compliance.
Conduct risk assessments and information security internal audits.
Provide consultation on remediating controls and follow up.
Perform reviews and conduct internal security audits on Cyber Security / Information security and ensure the organizational security controls are appropriate and effective.
Ensure compliance to client security requirements and various international security & privacy related regulations and acts.
Participate in various organizational initiatives and activities to maintain the Information Security Management System (ISMS) based on ISO 27001
Prepare technical designs and business case studies for various IT security technologies and products.
Implement and manage ISO 27001 related activities (Risk Assessment, Controls Testing, etc.) across all domains of Information Security.
Conduct user- and management-level information security awareness sessions and presentations.
Coordinate & respond to information security incidents
Provide awareness and training in relevant areas.
Conduct security research and keep abreast of the latest security trends and issues.
As an Information Security Risk implementer, assess impacts to the business from cybersecurity, legal and regulatory perspectives.
Work with the leadership team, Business Analysts, Architecture, and Support Teams to ensure that Information security and Risk management standards are being followed.
Who you are
5-7 years of experience in the area of Systems / Network / Information Security
Knowledge of Information security standards & best practices (e.g., ISO 27001, NIST, etc.), and regulations related to information security and privacy
Strong analytical and problem solving skills
Excellent communication, interpersonal and follow-through skills
Knowledge of security tools, techniques, and methodologies
ISO Implementation and management experience.
Risk Management & Business Continuity Planning.
Internal Audit ISMS.
Technical Certifications: ISO 27001:2013 Certified Lead Auditor, CISSP / CISM / CISA / CPISI certifications desirable
Professional certifications: Bachelor's / Master's degree in Computer Science
Bachelor’s degree in Computer Science, Information systems, Engineering, Computer applications or related field
In addition to competitive salaries and benefits packages, Nisum India offers its employees some unique and fun extras :
Continuous Learning - Year-round training sessions are offered as part of skill enhancement, with certifications sponsored by the company on an as-needed basis.
We support our team to excel in their field.
Parental Medical Insurance - Nisum believes our team is the heart of our business and we want to make sure to take care of the heart of theirs.
We offer opt-in parental medical insurance in addition to our medical benefits.
Activities - From the Nisum Premier League's cricket tournaments to hosted Hack-a-thons, Nisum employees can participate in a variety of team-building activities such as skits and dance performances, in addition to festival celebrations.
Free Meals - Free snacks and dinner are provided on a daily basis, in addition to subsidized lunch.
Nisum is an Equal Opportunity Employer and we are proud of our ongoing efforts to foster diversity and inclusion in the workplace.