Communication Skills: Excellent

Interpersonal Skills

Self-motivated- High

Confident- High

Leadership- High

Proactiveness- High and Forward Thinker

Problem Solving, Logical, Analytical Skills

Problem Solving – High
Logical Ability – High

Analytical – High

Risk Management – High

Top Skills:

• Minimu

• Experience of participation and management of ISMS processes
• Experience of establishment and review of ISO 27001 controls
• Experience and Expertise on conducting Internal Audits
• Can act as CISO/ Aspire to be CISO
• Presentation skills and Communication skills to respond to clients/ vendors/ managers/ stakeholders on ISMS controls and established framework
• Experience in Change management process
• Experience in handling risk management

Communication Skills:

• Must be an effective communicator with proven ability to communicate complex information and concepts with clarity
• Must be fluent in English, Reading and writing both. Email writing skills at Enterprise level is a must requirement.
• Define which type of communication channels are acceptable and which are not.
• Prepare communication equipment to be used in case of an emergency / disaster.
• Propose the draft of main information security documents – e.g., Information security policy, Classification policy, Access control policy, Acceptable use of assets, Risk assessment and risk treatment methodology, Statement of Applicability, Risk treatment plan, etc.
• Be responsible for reviewing and updating Quality and Security documents.

Skills and Responsibilities:

• Working with all business units to determine possible risks and risk management processes.
• Establishing and implementing an ISMS Policy, ISMS Objectives,
• Build ISMS awareness across the organization,
• Establish Information Security Roles & Responsibilities,
• Facilitate implementation of ISMS across the organization,
• Schedule & conduct periodic internal ISMS audits, and present reports in MRM,
• Coordinate & conducting management reviews of the ISMS,
• Deciding the criteria for accepting risks and acceptable level of risks,
• Ensure overall reporting, analysis, and evaluation of security-related event, incidents & breaches within the organization,
• Obtains DR preparedness assessment from DR Manager periodically,
• Coordination with external agencies e.g.: Certification bodies, security consultants, security forums, etc.
• Ensure compliance with legal requirements,
• Contact with authorities & special interest groups,
• Review of risk assessment,
• Ensure internal ISMS audit at planned internal,
• Monitoring of ISMS implementation & its effectiveness
• Defines and specifies the implementation of standards, methods, and procedures for inspecting, testing, and evaluating the precision, accuracy, process and product stability via SPC, and reliability of company products
• Review all development and quality plans for completeness.
• Participants as inspection moderators in design and code inspections.
• Review all test plans for adherence to standards.
• Review a significant sample of all test results to determine adherence to plan
• Worked for ISMS and software processes maturity models like CMMI, and ISO270001:2013.
• Knowledge of Auditing and Reviews for process development.
• Worked with Quality Control in Software Development.
• Worked with assessment and certification processes for CMMI.
• Participate in & lead various projects relating to compliance & regulatory initiatives.

Desirable Skills:

• Certifications – Cyber Analysis/ Cyber Security, Cyber Forensic etc.
• Should possess a flexible approach to problem-solving, be an adept negotiator, and be effective in trouble-shooting problems, issues, and/or conflicts
• Proven ability to establish collaborative working relationships with internal and external stakeholders
• Strong organizational skills, with the ability to effectively prioritize, manage multiple projects and tasks, and have great attention to detail
• The ideal candidate is highly ethical, flexible, action- and goal- oriented.