Information Security Analyst

Job Description:

Position Summary:

The position will support the organizational initiatives and activities on Cyber Security/Information Security. This involves the development, im plementation, and support of various security programs, processes, best practices and controls across the organization. It also requires to continuously monitor, review and report of the compliance & security posture of the organization.

Responsibilities:

 Conduct Risk assessments, information security internal audits

 Provide consultation on remediating controls and follow up

 Perform reviews and conduct internal security audits on Cyber Security/Information security and ensure the organizational security controls are appropriate and effective

 Ensure compliance to client security requirements

 Provide support for obtaining and maintaining Security Certification and Assurance programs like ISO 27001, PCI DSS, HITRUST, TISAX, SOC 2, etc.

 Participate in various organizational initiatives and activities to maintain the Information Security Management System (ISMS) based on ISO 27001

 Develop and maintain Information Security policies, procedures, standards and guidelines

 Coordinate response to information security incidents

 Provide awareness and training in relevant areas

 Collaborate with IT, Finance, HR and other departments for various security related activities

 Conduct security research and keep abreast of latest security trends and issues

Desired Skills/Experience:

 4+ years of experience in Information Security

 Knowledge of Information security standards & best practices (e.g., ISO 27001, NIST, etc.), and regulations related to information security and privacy

 Strong analytical and problem solving skills

 Excellent communication and interpersonal skills

 Knowledge of security tools, techniques and methodologies

 Professional/Technical Certifications (Security +, ISO 27001 LA, CISA, CISSP, CCSE, CCSP, etc.) desirable