This role is for one of the Weekday's clients

Salary range: Rs 600000 - Rs 1500000 (ie INR 6-15 LPA)

Min Experience: 2 years

Location: Bangalore

JobType: full-time

This role is ideal for professionals with a passion for cybersecurity and compliance, looking to contribute to ISO 27001 implementation, audits, and security best practices.

Job Responsibilities:

• Independently conduct ISO 27001 audits for internal teams and clients.
• Perform network architecture reviews to assess security risks.
• Evaluate system configurations for Windows, Linux, Servers, Databases, Routers, Switches, and Firewalls to ensure compliance with security standards.
• Review firewall rules and application code to identify potential vulnerabilities.
• Conduct Risk Management and ISMS audits for clients.
• Perform Business Impact Analysis (BIA) and assist clients in Business Continuity Planning (BCP) and Disaster Recovery (DR) exercises.
• Develop and maintain audit checklists, documentation, and reports.
• Design and implement ISMS frameworks based on ISO 27001 requirements.
• Manage and maintain an ISO 27001-compliant Document Management System, including policies, procedures, and records.
• Collaborate with internal Engineering and VAPT teams to support Vulnerability Analysis and Penetration Testing (VAPT) activities.
• Conduct Security Awareness Training sessions for clients and internal teams.

Skills & Qualifications:

• Experience in IT security, infrastructure audits, and compliance assessments.
• Hands-on experience with cloud platforms such as AWS, Azure, and GCP.
• Successfully audited at least three clients and implemented ISO 27001 standards and processes for a minimum of two clients.
• Strong understanding of Risk Management, Business Continuity Planning (BCP), and Disaster Recovery (DR).
• Proven ability to conduct ISMS audits independently.
• Good knowledge of networking, operating systems, endpoint security, and security devices.
• Basic understanding of compliance frameworks like PCI DSS, HIPAA, and GDPR.
• Knowledge of PCI DSS standards and implementation is an added advantage.
• Self-motivated with a strong ability to stay updated on emerging security threats, vulnerabilities, and technologies.
• Experience in conducting IT General Controls Audits.
• Skilled in delivering Security Awareness Training for clients and internal teams.
• Strong written and verbal communication skills.