Information security Analyst

Location

Bangalore | India

Job description

• We are seeking a highly skilled and experienced Information Security Analyst to join our team at DPDzero
• As the Information Security Analyst, you will be responsible for developing and implementing robust information security strategies, policies, and practices, with a primary focus on aligning with the ISO 27001 framework
• You will collaborate closely with cross-functional teams to identify and mitigate security risks, lead security assessments and audits, and ensure compliance with ISO 27001, along with other industry standards and regulatory requirements
• Your expertise in ISO 27001, information security, risk management, and security best practices will be critical in maintaining the confidentiality, integrity, and availability of our systems and data

Responsibilities:

1. Information Security Strategy: Develop and implement the company s information security strategy and roadmap, with a strong emphasis on aligning with ISO 27001, while also aligning it with business goals and objectives.

2. Security Governance: Establish and maintain an effective information security governance framework based on ISO 27001, including policies, procedures, and standards.

3. Risk Management: Identify, assess, and prioritize information security risks following ISO 27001 guidelines, and develop risk mitigation plans and controls.

4. Security Awareness: Foster a culture of security awareness among employees, partners, and stakeholders through training and communication initiatives, in line with ISO 27001 requirements.

5. Incident Response: Develop and execute ISO 27001 compliant incident response plans to address and mitigate security incidents and breaches.

6. Security Compliance: Ensure compliance with ISO 27001 and other relevant security standards, frameworks, and regulatory requirements.

7. Security Assessments: Conduct regular security assessments, vulnerability assessments, and penetration tests, adhering to ISO 27001 principles, to identify and address security vulnerabilities.

8. Security Audits: Coordinate and participate in security audits and assessments, particularly focusing on ISO 27001 compliance, to evaluate the effectiveness of security controls.

9. Security Monitoring: Implement and manage security monitoring tools and systems in line with ISO 27001 requirements to detect and respond to security threats in real-time.

10. Security Training: Provide training and guidance to the IT and security teams to enhance their knowledge and skills in information security, with ISO 27001 as a key reference.

11. Third-Party Risk Management: Evaluate and manage security risks associated with third-party vendors and service providers, with ISO 27001 compliance as a priority.

12. Incident Reporting: Prepare and present security incident reports to senior management and stakeholders, following ISO 27001 reporting guidelines.

13. Security Performance Metrics: Define and track key security performance metrics and KPIs, including those outlined in ISO 27001, to measure the effectiveness of security controls.

Job tags

Salary