Job Description: Information Security Manager
The primary role is to lead ISO 27001 certification maintenance to comply with information security standards for data security compliance. This includes: operate the ISMS, update the documentation, review the risk assessment, monitor and measure the ISMS, perform internal audits, perform management review, and perform corrective actions.
Detailed descriptions of responsibilities
Operate the ISMS:
Make sure you perform all the activities described in the ISMS policies and procedures.
Comply with all the requirements in all ISO 27001 documents and produce the real records.
Coordinate with internal teams to make sure ISO 27001 practices are followed in the organization.
Make sure that Screen-Magic is stringently following all data security practices.
Conduct regular trainings for data security practices.
Update the documentation:
Periodically review documentation and records and recommend possible changes.
Review the risk assessment:
As circumstances change, the threats and vulnerabilities change, and the associated risk changes with them. In that context, the Information Security Manager needs to review the risk periodically, do a risk assessment, make the necessary changes, and update the documents.
Monitor and measure the ISMS:
Review ISMS objectives on a periodic basis. Improve the ISMS objectives with respect to new business needs and identified risks. Update ISMS systems, and implement, review, and monitor their performance in accordance with the business needs.
Perform internal audits:
Perform internal audits at regular intervals, review the ISMS, and identify and mitigate gaps.
Perform management review:
Submit the ISMS report to top management and discuss progress, improvements, challenges, etc.
Coordinate with the external certification body; schedule and conduct the ISMS surveillance audits at regular intervals.
Lead the System & Network team at Screen-Magic: IT team operation, monitoring, and management; help-desk monitoring; IT escalation management; monthly MIS reports to management.
Meet the SLAs of the System and Network team.
Manage budgets for certification activities & IT teams.
Handle procurement and renewals of IT tools, including IT quarterly budgeting, vendor selection, price negotiation, procurement, and renewals.
Maintain trust sites of Screen-Magic products.
Write knowledge blogs on the trust site regarding SM security compliance.
Help the Tech team to comply with the latest security breaches.
Legal: Review customer/third-party legal contracts, map the requirements with respect to ISO, and document and maintain them.
Get on calls with customers to field data security queries.
Monitoring, reports, and handling of customer queries.
Submit MIS reports every month, including the following reports:
Continual Improvement progress report of ISMS
MIS of system & network admin activities
MIS of legal related activities
SLA report of IT department
Call report of Data Security Customer interactions.
Graduation is the minimum criterion.
Any information security certification will be a plus for this role.
7+ years of experience required.