Full Time
Ebene
Posted 3 months ago
Key Responsibilities:
1. ISMS Maintenance:
- Assist in conducting regular reviews and updates of ISMS policies, procedures, and documentation to ensure they are current and effective.
2. Compliance and Audit:
- Ensure compliance with relevant information security standards (e.g., ISO/IEC 27001, DPA, NIST).
- Assist in preparing for and facilitating internal and external audits related to the ISMS.
- Address audit findings and implement corrective actions as necessary.
3. Security Awareness and Training:
- Assist in developing and delivering information security awareness training programs for employees.
- Assist in promoting a culture of security awareness throughout the organization.
- Provide guidance and support to employees on information security best practices.
4. Incident Management:
- Assist in coordinating the response to information security incidents and breaches.
- Assist in conducting post-incident reviews and implement improvements based on lessons learned.
5. Continuous Improvement:
- Assist in monitoring and evaluating the effectiveness of information security controls and processes.
- Stay updated with the latest developments in information security and incorporate relevant advancements into the ISMS.
6. Collaboration and Communication:
- Work closely with all departments to ensure information security requirements are integrated into business processes.
- Communicate information security policies, procedures, and requirements to stakeholders.
- Act as a point of contact for information security-related inquiries and issues.
Qualifications:
- Education: Bachelor’s degree in information security, Computer Science, Information Technology, or a related field.
- Experience: At least 1 year of experience in information security, risk management, or related fields is desirable.
- Certifications: ISO/IEC 27001 Implementer or similar certifications is desirable.
Skills:
- Knowledge of information security frameworks, standards, and best practices. Proficiency with security tools and technologies.
- Strong analytical and problem-solving skills. Ability to assess risks and develop effective mitigation strategies.
- Excellent written and verbal communication skills. Ability to convey complex security concepts to non-technical stakeholders.
- High level of attention to detail and accuracy in work.
- Strong interpersonal skills and ability to work collaboratively with cross-functional teams.