Information Security Specialist

Responsibilities and Duties:

• Policy & Compliance: Develop and implement Information Security Management System (ISMS) policies and procedures.
• Learning Management: Design, monitor, and enhance learning modules for security awareness.
• Risk & Compliance: Conduct contract reviews and manage Third-Party Risk Management (TPRM) processes.
• Security Monitoring: Track and resolve exploitable vulnerabilities with the support team.
• Phishing & Threat Management: Execute phishing tests and monitor firm-wide progress.
• Access & Software Management: Handle Infosec software installations, VPN access, generic email IDs, and admin rights requests, ensuring proper tracking and documentation.
• Security Operations Center (SOC): Monitor and send SOC alerts to relevant teams while maintaining records.
• Reporting & Analysis: Prepare Management Information System (MIS) reports for the IT team.

Qualifications & Skills:

• Experience: 3-5 years in Information Security Management within consultancy services.
• *Certifications: ISO 27001:2022 & ISO 31000 Internal auditor certification.*
• Technical Expertise: Preferred experience with ServiceNow, Learning Management, and Patch Management (Banks/NBFIs/Consultancy).
• Analytical & Problem-Solving: Strong ability to assess risks and implement solutions.
• Communication: Excellent verbal and written skills for effective collaboration.
• Organized & Methodical: Attention to detail with a structured approach to security management.