Isms Manager Job in Bekaert Industries Pvt Ltd

Key Responsibility ISMS Manager will be primarily responsible for- Developing the information security policies, framework, process and standards that meet legal, regulatory, and industry standards. Govern the currently developed information security polices and critical process and ensure there are periodically reviewed so they remain relevant to current security threat landscape. Ensure the security polices, framework, process and guidelines are communicated to relevant stakeholder and required education campaign is developed to create the awareness on security polices, framework, process and guidelines. Develop the information security risk assessment program and conduct risk assessments with help of external security partner to identify potential threats to the organization's information assets and developing appropriate risk mitigation strategies. Annually assess maturity of information security program maturity as per NIST Cyber security framework Perform Security Gap assessment to check compliance with Bekaert's Security polices and framework. Explaining and articulating potential business risks to key stakeholders Own Information Security Risk register and apprise CISO office, IT leadership team and relevant stakeholder on identify cyber security risk. Develop and Maintain Key Performance Indicators (KPI s) and Key Risk Indicator (KRI s) for Cyber Security program and monitor their achievement on periodic basis. Assessing the effectiveness of the organization's Cyber security technology controls framework to ensure that they are adequate and functioning as intended. Establish Information security Exception management program and periodically review and approve the Information security exception request. Develop, manage and implement a positive security awareness program, which focuses on establishing security aware culture in organization and home Lead the creation and procurement of awareness deliverables and learning content, leveraging various channels for effective delivery in our global organization, measures the usage of the content and its effectiveness, and develops metrics Will be responsible for the day-to-day operation of the phishing assessment program Skills & Competencies Strong knowledge of information security policies and principles of information handling and protection Demonstrates in-depth knowledge of security and privacy controls and risk management process Strong knowledge and experience in information security risk Assessment/management program Experience in conducting risk assessments and developing risk mitigation strategies. Experience deploying and measuring effectiveness of security awareness to a global audience, leveraging LMS, webcasts, and other technology Experience in leveraging industry standards and frameworks such as ISO/IEC 17799, ISO/IEC 27001, COBIT, ITIL, etc.