* Hands on experience with ISO 27001, PCI DSS and other security management standards implementation
* Hands on experience with Websence (triton) DLP suite for compliance policy designing & implementation.
* Hands on experience on Endpoint encryption and policy designing.
* Proficiency with report writing and project tracking
* Assist the SDL InfoSec on performing a risk review of daily security requests that come from the business
* Interact with the process owners to understand the nature of business, the controls and possible risk.
* Support the risk management process by analysing threats to the computing environment. Conduct Risk assessment for information assets.
* Conduct routine audit checks to verify the compliance to the Information Security Policy and Procedures. Prepare audit reports and work with the process owners to close the findings.
* To be able to take up any security project (network or cyber) and work with various stakeholders to complete the deliverables that are part of the project.
* To bring any possible security threats or violation of Security Policy to Information Security Manager.
* To be able to review and suggest network or network security devices configurations.
* Support the various requirements towards compliance for ISO 27001, PCI-DSS and any other 3rd party audits.
* Provide direction and support for security implementation.
* To conduct periodic technical and process security assessments on the ISMS systems.
Graduate or Post Graduate - IT or Computer related subjects
Professional Certification :
ISO-27001:2013 LA or CISM /CISSP
CCNP - R&S or Security (complete)
Firewall -- Cisco ASA or Checkpoint
Websence Triton DLP suite certification
Cyber Security Laws and framework knowledge
CEH or Pin Test certifications
* Must have at least 3-4 years of experience in ISMS & Networking \ Network Security concepts.
* Must have strong knowledge on Risk Assessment methodologies & frameworks.
* Excellent Process documentation and re-engineering skills.
* Must have a broad knowledge of Information Security/ technology and methodologies.
* Have managed security related Projects in the past