ISMS Expert

Douran Group Tehran

Posted 3 months ago

Job Description

- Implementation, operation and maintenance of the Information Security Management System based on the ISO/IEC 27000 series standards, including certification against ISO/IEC 27001 where applicable - Performs information security risk assessments and assess the control environment of the business processes and applications under review, including both manual and automated processes in accordance with the information security program - Assist both internal and external audits relating to information security as well as performing independent audits to validate completeness and accuracy of the information security program - Develop remediation and corrective action plans with related governance and operational functions (such as Physical Security/Facilities, Risk Management, IT, HR, Legal and Compliance) plus senior and middle managers throughout the organization as necessary - Author and revise information security policies, standards, procedures and guidelines, in conjunction with the Information Security Forum - Assists with the development and operation of related compliance monitoring and improvement activities to ensure compliance both with internal security policies and applicable laws and regulations - Develop supporting information security awareness, training and educational material - Maintain an accurate system and control inventory including identification of supporting roles

Requirements

- At least 2 years of full-time work experience in information security management and/or related functions (such as IT audit and IT Risk Management) - Information security management qualifications such as “ lead Auditor” or “Security+” - Hands-on team working experience - Strong analytical skills - Communication skills - Attention to details - Ability to coordinate with outside teams regarding policies, procedures or standards, and controls - Understand customer contract requirements as to security and data privacy/ protection

Job Category

  • IT - Network Administration

Employement type:

  • Full Time

Seniority:

  • Junior Professional

Job Category

  • IT - Network Administration

Employement type:

  • Full Time

Education:

Seniority:

  • Junior Professional

To see more jobs that fit your career

Similar Jobs

IT Help-desk

IRANOFOGH

Ahwaz
Ahwaz
Tehran
Tehran

ERP Manager

IRANOFOGH

Tehran

ICT Engineer

Dana Energy

Tehran

IT Supervisor

Saman Insurance

Tehran

Salary Estimator

Discover your current worth in the job market.