ISMS PseudoTeam
Industry Type - IT - Software
Category: Others
Experience: 5 - 10 years required
Pay: Salary information not included
Type: Full Time
Location: Noida
Skills: Security Risk Management
About PseudoTeam
PseudoTeam is an online IT service delivery gateway facilitating project management that provides IT services in every part of the world.
They aim to provide eminence in the field of Information Technology for both their customers and service partners.
Job Description: ISMS
Notice period: 30 to 45 days.
Should have at least 5 years of relevant experience.
Location: Noida (on-site work)
- Define, develop and review information security policies, procedures, guidelines, forms and templates as per best practices.
- Assist in security metrics and maturity – provide and track dashboards / reports as per defined parameters. (ISO MOE)
- Review, report and track the Security Self-Assessment report.
- Report, track and escalate the security audit of existing applications by a third party.
- Assist and recommend measures to ensure compliance with ISO 27001 / 17799 / 27002 standards or any such best practices.
- Assist in obtaining ISO 27001 certification by identifying risks and implementing appropriate controls in the ISO audit scope. Recommend practical and implementable controls based on business, process and technology requirements for ISO 27001:2013.
- Support post-implementation and continuous audits for ISO 27001:2013 and ensure compliance.
- Perform risk assessment of activities and coordinate with stakeholders till closure signoff / risk acceptance.
- Conduct periodic internal information security audits of different functions in BS&T, as scheduled by the Information Security Team.
End-point compliance:
- Involvement in the handling and resolution of information security related incidents.
- Advise the organization on the latest updates in information security technologies and related regulatory issues.
- Create and review baseline standards for OS, databases, web servers and applications, and recommend improvements.
- Review and approve hardening reports for closure.
- Prepare, collate and submit periodic security reports, such as the patch management report, antivirus / anti-spam report, IPS report, security incident report, Software License Compliance Report and third-party security reports on information security activities, to management. Update the daily, weekly and monthly dashboards.
- Highlight end-point (patch, antivirus, USB) non-compliances to the relevant teams and create dashboards on a weekly / monthly frequency.
- Approve Service Requests and Incident Requests on mail and Change Requests on the e-helpline application after risk and impact assessment.
- Assist in updating and monitoring the business continuity and disaster recovery plan, and in reviewing documented plans and procedures for business resumption / continuity following disasters.
Information Security awareness:
- Create organizational information security awareness, conduct awareness during induction and maintain records. Also send security mailers to users on a periodic basis.
- Create the information security awareness mailers and related bi-monthly newsletters as directed by the CISO.
- Assist in the implementation of an awareness / education program to ensure that employees and related third parties are aware of and observe their respective responsibilities for the maintenance and continuation of information system security.