Lead Auditor - ISO 9001
URL to apply: https://in.indeed.com/jobs?q=iso%2027001&l&vjk=f6643bb00577aa95
GelaroGrace Studio - Noida, Uttar Pradesh
₹50,000 a month
We are looking for a qualified lead auditor to perform certification audits for the standards ISO 27001:2013, 27002:2013 & MPA (Motion Picture Association) Certification. The Information Security and Risk role provides direct oversight of the Information Technology security and risk program. He/She is directly responsible for the day-to-day management of the program and ongoing program maturity. This includes policy development, Information Security training, Incident Management, Vendor onboarding and overall security posture and IT control environment for the Enterprise. The Information Security and Risk Leader supports the Information Security Officer, Privacy Officer and Chief Compliance Officer.
1. Reporting to the MD, this role will drive the development, implementation and monitoring of a comprehensive enterprise information security and IT risk management program.
2. Development and completion (and ongoing update) of an effective audit strategy and plan (including budgets) that provides thorough, risk-based coverage for addressing cyber and governance corporate-wide as it relates to technology-related operational risks.
3. Effectively reviewing and challenging first and second line cyber and information security assessments; engaging, building and managing relationships with the CISO, IT and Top Management.
4. Leads teams of IT Security and risk professionals in support of organizational risk goals and objectives to drive clarity as to potential areas of material technology risk.
5. Lead the identification, reporting and response to information security risk.
6. Develop process measurement and improve the effectiveness of the overall information security program.
7. Coordinates and participates in audits, vulnerability testing, and compliance reviews representing information technology functions in support of security, audit and risk needs.
8. Review, analyze and make recommendations regarding the design and implementation of operational risk management framework as applicable and required for technology risk.
9. Stays current in technology specific operational risk management techniques, industry best practices, and regulatory requirements.
10. Develops methodologies and practices to refine the technology risk framework that drives risk-aware, transparent decision making.
11. Matures the risk-based metrics, scorecards and dashboards to track performance as well as identify and monitor trends across the organization.
12. Prepares risk analysis documentation and participates with coordinated reporting as requested.
13. Prepares IT-related business continuity and disaster recovery documentation and participates with coordinated reporting as requested.
14. Provide oversight of vendor onboarding process and vendor security posture assessment.
15. Acts as a liaison for the department, maintaining effective and professional relationships with information technology, information security, Purchasing, Contracting, Business Continuity.
16. Ability to translate security concerns into business context and articulate to executives, while weighing business needs against security concerns in the decision-making process.
17. Attend Audits, Explain network security to Auditors
18. Review RFPs and respond to every requirement based on solution capabilities and fitment to project requirements.
19. Ensure Audits are cleared from the regulation perspective.
20. Try to lower the levels of Non-compliance identified in the audit assessments.
21. Work with internal teams to ensure compliance with ISMS frameworks and regulations applicable for GG in a timely manner.
22. Establish a governance process and drive compliance programs.
23. Help standardize compliance templates by influencing customers' auditors.
24. Identify possibilities of automating audits
25. Responsible for assessing information risk and facilitating remediation of identified vulnerabilities for IT Security and IT risk across the enterprises.
26. Identifies opportunities to reduce risk and documents remediation options regarding acceptance or mitigation of risk scenarios.
27. Evaluates the organization to ensure compliance with standards and relevance with industry security norms.
28. Research, analyse and identify potential vulnerabilities and security deficiencies in the company's information systems.
29. Monitors performance of risk remediation tasks, changes related to risk mitigation and reports on findings.
30. Plan and prepare our network for periodic audits by customers and regulatory bodies and ensure compliance with guidelines.
31. Analyze results, deploy remediation for security audits and penetration testing.
32. Explain to the Management non-compliance and other findings.
33. Prepare and submit required reports in a timely manner.
Thanks & Regards,
Human Resource Department
Job Type: Full-time
Salary: From ₹50,000.00 per month
- Day shift
- work: 5 years (Preferred)
- total work: 5 years (Preferred)
- Bachelor's (Preferred)