ROLE PURPOSE: Post: Associate Information Security Analyst

• (1 - 4 years in Risk Analysis / Compliance).

Please note this is not a VAPT role.

· The selected candidate is responsible for supporting the Senior Information Security and Privacy Program.

· It involves supporting, monitoring, and documenting the effectiveness of the program.

· This is a hands-on position that requires practical experience in the areas of information security, privacy, and audit & risk management.

· The candidate is responsible for executing defined security and privacy-related activities.

· The candidate also helps in the application of security policies and standards across the company, including software engineering, finance, operations, and IT.

· The ideal candidate should have 1 - 5 years of practical information security, Compliance, Audit and risk assessment (ISO 27001) experience in a regulated environment.

· CyberSRC Consultancy LLP has a dynamic work environment providing the opportunity for significant growth in knowledge and experience in the areas of information security, risk management & privacy.

· Keeping tab on implementation of various advisories/Patches/security update across all platforms and MIS/reporting.

· Record keeping for the purpose of compliance covering all types of IT/Info security audits.

· Responsible for update of the policies, procedures related to Information Security and privacy

· Weekly/Monthly advisory creation and dissemination across organization to educate users. The advisories will be based on Organization’s policies & latest development in cyber security and potential impact to Organization

Responsibilities:

· Maintaining policies/ procedures and other documentation.

· Responsible for performing all Security internal/external audits & IT risk assessment activities, tracking till closure

· Assist in conducting information security awareness sessions.

· Perform internal audits and ensure compliance against Clients policies and external laws.

· Assist the team in managing technology risk assessments, report on findings & and remediation plans and track status of projects.

· Interact with clients and support engagements in the areas of GRC, Security and Privacy related internal audits.

· Process reviews, standard operating procedures and risk managements .

· Assist in developing new solutions and methodologies for project deliverables.

· Prepare written deliverables and presentations.

Requirements:

Qualifications BE/ B.Tech/ MSc/ MCA equivalent.

Certifications: Lead Auditor ISO 27001 (mandatory requirement), Preferrable certifications (anyone) – CISM, CISSP, CEH, CompTia Security+

· Certification good to have: ISO/IEC 27001 LA.

· Good Knowledge of ISO 27001, ISO 27002, ISO 9001, ISO 22301.

· Basic knowledge of privacy laws such as GDPR and Personal Data Protection Bill.

· Security audits and assessments – information, network, application, etc.

· MS Office (Word, Excel, PowerPoint, Access).

· .Excellent organization, communication and presentation skills.

· Ability to multi-task.

· General professional writing proficiency.

· Experience In The Information Security and Audit Industry Is Preferred.

Thanks & Regards Pooja Pandey Human Resource Manager CyberSRC® Consultancy.

Personal: +91 8800350001 Website: http://www.cybersrcc.com/ Head Office: Noida: Unit 605, 6th floor, World Trade Tower, Tower-B, Noida, Uttar Pradesh (India) UK | INDIA