Responsible for ISO 27001 based Information Security Management System implementation and sustenance.
Responsible for assisting in the review of Information Security controls in areas such as: Change management process, Incident management process, Backup process, User identity and access management, Antivirus management, SLA performance and monitoring, Exchange of information, Physical Security.
Responsible for assisting in developing the information assets inventory and classification.
Review and analyze system-generated reports, logs, audit reports, vulnerability test results, and penetration test reports.
Assess operating system updates and patches, and request configuration changes to tighten security
Ensure the security of traffic that passes through the network
Understand attack simulations and provide suggestions for improving enterprise security
Review and analyze the security incidents, emerging threats & alerts that are generated in security device logs
Assist security administrators and the IT Team in the resolution of reported security incidents
Analyze the results of security assessments and work with system owners to remediate the issues found
Review and maintain risk control matrices. Assess information security posture, identify the risks in the environment and share solutions to mitigate the identified risk
Assess user access provisioning and de-provisioning.
Responsible for creating a weekly dashboard on security status, providing a high-level review of Information Security to upper management
Skills and Requirements
Governance, Risk and Compliance (GRC)
ISO 27001 Certification