ISMS Auditor-cum-GRC Support Analyst

Koratty, Kerala
Permanent
Full-time

4 days ago

Job Description:We are seeking a skilled ISMS Auditor-cum-GRC Support Analyst professional to plan, execute, and support Information Security and IT audits aligned with ISO 27001 standards. The role involves assessing security controls, identifying risks, and providing actionable recommendations to strengthen the organization’s security posture.Key Responsibilities

Plan and execute ISMS audits in accordance with ISO 27001 standards.
Develop audit schedules and ensure timely completion of audit activities.
Conduct opening and closing meetings with stakeholders.
Prepare audit plans, checklists, and comprehensive audit reports.
Document audit findings, non-conformities, and recommendations.

Key Deliverables / Outcomes

End-to-end execution of IT/IS audits (planning, fieldwork, and reporting).
Support IT/IS assurance and advisory engagements.
Evaluate design and effectiveness of IT controls and security frameworks.
Perform security assessments across:
User Access Management
Network Security
OS & Application Security
Encryption
Backup & Recovery
Disaster Recovery
Security Awareness & Training

Required Skills

Bachelor’s degree in science or engineering.
ISO 27001:2022 Lead Auditor / Implementor certification.
Preferred certifications: CISA, CISM, CISSP.

Key Competencies

3–5 years of experience in information/cybersecurity.
Strong knowledge of network, information, and cloud security.
Good understanding of ISO 27001 standards and documentation.
Familiarity with frameworks such as RBI CSF and NIST CSF.
Knowledge of IT infrastructure and security audits.
Basic understanding of:
Networking concepts
Operating systems
Endpoint and security devices
Awareness of business continuity frameworks.
Exposure to compliance standards like PCI DSS, HIPAA, etc.
Strong written and verbal communication skills.
Self-driven learner with updated knowledge of latest threats and vulnerabilities.

ValueMentor

Apply Now