EMT_Supervising Associate
Navi Mumbai, India
Job description
Job Description:
This role is primarily responsible for maintaining the Information security management systems for LMS Operations as well as work for the larger GDS Tax initiatives as needed
Exposure to the information security Management systems at the operational level is a prerequisite and ISO 27001:2013 certification audit exposure will be helpful.
Key responsibilities include:
· Ensure ongoing conformance with ISO27001 and the information security and data security posture
· Need to be responsible to ensure data security guidelines are adhered to for the Business services under the Legal Managed Services scope
· Management of internal audit / external audit programs. Creation of an action plans to be applied to any non-conformance reported by the internal auditing process.
· Contribute to the information security awareness and training programme and customize localized trainings as required
· Co-ordinate information security activities with the different stakeholders and liaise with them for audits
· Investigating suspected and actual breaches of security and undertake reporting of these in compliance with incident management program. Recommending remedial action for suspected and actual breaches of security as required.
· Working with managers and wider business to establish and satisfy any customer specific Information Security issues or related risk reviews
· Provide input and guidance on information security points during customer contract reviews / negotiations for the related operations
· Operationally involve with the Business continuity plan owners and the Business continuity office to ensure implementation
· Be involved in the internal audits on information security and business continuity and check ongoing readiness
Skills and experience:
· Proven experience of taking an organisation through ISO27001 implementation and gaining ISO27001 accreditation will be an advantage
· Highly organised and disciplined with the ability to manage projects involving a variety of stakeholders to achieve deadlines.
· A constructive approach to managing internal relationships and problem solving.
· Aptitude to produce documents and communications of the highest standard.
· An ability to work flexibly to deadlines and respond constructively to feedback.
· The effective management of their own time to meet agreed work schedules.
· Effective communication across all levels of the organisation.
· Professional competence for the role including information security, business continuity, IT and Risk
· Competency of the intricacies of the Information security management system
· Ability to build and maintain good working relationship across many different teams
· Excellent written, oral and presentation communication and stakeholder engagement skills.
· Experience in coaching and mentoring junior team members.
· Team player, with the ability to multi-task, flexible and can work under pressure.
· Commitment to continuous learning and proactively implement onto new processes
· Understanding of the management and operational aspects of the program and the capability to work with diverse teams and personnel as a practice will be an important consideration.
Education / Qualifications:
· Industry recognised qualifications relevant to information risk and security management
· ISO 27001:2013 Lead auditor course, CISA , CISM desirable