Information Security, Specialist

Information Security Responsibilities

• Promote and enforce awareness of key information security practices, including acceptable use of information assets, malware protection, and password security protocols
• Identify, assess, and report security risks, focusing on how these risks impact the confidentiality, integrity, and availability of information assets
• Understand and evaluate how data is stored, processed, or transmitted, ensuring compliance with data privacy and protection standards (GDPR, CCPA, etc.)
• Ensure data protection measures are integrated throughout the information lifecycle to safeguard sensitive information

POSITION OVERVIEW

• Information Security, Specialist will work closely with Associate Director, Info Sec. and IT team.
• He/she will be responsible for maintaining the Information Security Management System, Vulnerability Management, Risk Management, and reporting using various monitoring systems. 
• He/she shall also participate in facilitating audits, overall governance & compliance measures that involve collaboration with relevant stakeholders.

RESPONSIBILITIES 

• Ensure that the processes of Information Security Management System, Data Privacy & Protection measures are established, implemented, and maintained.  
• Participate in short- and long-term planning. Monitor compliance with Information Security standards, Data Privacy & Protection requirements.  
• Measure effectiveness of Information Security controls and make corrections/improvisations if required.  
• Coordinates and prioritizes information security initiatives.   
• Works with information security forum and management to accomplish information security & Data Privacy goals.  
• Assist in the completion of Supplier/Customer Security questionnaires.  
• Plan and conduct internal audits. Facilitate external audits like ISO, SOC etc.  
• Reviews instances of noncompliance and works effectively and tactfully to correct deficiencies.  
• Work with IT & various functions to address identified vulnerabilities and track it to closure.  
• Participate in risk management exercise for all business and corporate functions.  
• Conduct effective analysis of information security violations, security incidents and computer crimes.   
• Support business continuity and disaster recovery planning.  
• Support building and maintaining company’s incident response playbooks for various incident scenarios.   
• Verify the security of third-party vendors and collaborating with them to meet security requirements.  
• Liaison with External Agencies on matters relating to the information security & Data Privacy  

REQUIRED SKILLS

• Strong knowledge in Information Technology  
• 3-5 years of experience information security, IT audits, information security auditor, and/or previous role as an information security officer  
• Good communication skills, both verbal and written  
• Ability to manage multiple tasks and change priorities.  
• Ability to work collaboratively in a team.  
• Willingness and ability to explore and learn new areas.

PREFERRED SKILLS 

• Exposure to Information Security standards such as ISO27001:2013/ISO27001:2022  
• Any Information Security specific certification like CISSP, CISM, CEH etc.  
• Proficient in the use of MS Office product suite (365)