Job Description
Information Security Management System Administrator – Pakistan/ Karachi
This position is responsible for administering and monitoring the operational and security stability of the company infrastructure, servers, computer systems, and networks. The primary focus of this role is to implement and manage security policies and procedures that protect the organization’s sensitive information, data, and resources from unauthorized access, misuse, or loss.
ISMS Administer will:
· Ensure the continued development and maintenance of the Information Security Management System (ISMS).
· Ensure compliance with the ISO27001 Information Security Standard. The candidate should be familiar with NIST and CIS framework; SOC2 Type II; as well as other legal and regulatory requirements such as HIPAA.
· Ensure appropriate controls are identified, documented, proactively tested, have assigned owners and evidence is captured for audit purposes.
· Assign responsibility and monitor corrective / preventative actions and nonconformances created to report the weaknesses and to improve the ISMS.
· Managing all relevant internal IT security policies and procedures which includes, reviewing, revising, communicating, and implementing as appropriate.
· Identify potential risk situations/impacts, leading IT security and compliance risk assessments, and recommending risk mitigation strategies.
· Managing all IT risk and compliance remediation and improvement initiatives.
· Schedule and conduct ISO27001 Audits to verify compliance of the ISMS and its Targets and Objectives.
· Host scheduled Management Reviews to report on the compliance of the ISMS with ISO27001 Standard and the ISMS Targets and Objectives.
· Promote Information Security awareness across the organization.
Qualifications:
· ISO27001 Lead Auditor Certified
· ISO 9001 Internal Auditor Certified.
· Knowledge of the SOC2 Type II certification requirements is a plus.
· Proficiency in English (Verbal and Written)
Apply for this position
