Home
Communities
Companies
- Companies
  
  Discover best places to work
- Compare Companies
  
  Compare & find best workplace
- Add Office Photos
  
  Bring your workplace to life
- Add Company Benefits
  
  Highlight your company's perks
Reviews
- Company reviews
  
  Read reviews for 6L+ companies
- Write a review
  
  Rate your former or current company
Salaries
- Browse salaries
  
  Discover salaries for 6L+ companies
- Salary calculator
  
  Calculate your take home salary
- Are you paid fairly?
  
  Check your market value
- Share your salary
  
  Help other jobseekers
- Gratuity calculator
  
  Check your gratuity amount
- HRA calculator
  
  Check how much of your HRA is tax-free
- Salary hike calculator
  
  Check your salary hike
Interviews
- Company interviews
  
  Read interviews for 40K+ companies
- Campus placements
  
  Interviews questions for 2K+ colleges
- Share interview questions
  
  Contribute your interview questions
Jobs
Awards

WINNERS AWAITED!
- ABECA 2025
  
  WINNERS AWAITED!
  
  AmbitionBox Employee Choice Awards - 4th Edition
- ABECA 2024
  
  AmbitionBox Employee Choice Awards - 3rd Edition
- AmbitionBox Best Places to Work 2022
  
  2nd Edition
- AmbitionBox Best Places to Work 2021
  
  1st Edition

For Employers

Add office photos

Employer? Claim Account for FREE

C3i Hub

Compare

3.4

based on 14 Reviews

13 C3i Hub Jobs

Senior Information Security Management System (ISMS) Auditor

C3i Hub

3.4

based on 14 Reviews

7-11 years

Kanpur

1 vacancy

Senior Information Security Management System (ISMS) Auditor

C3i Hub

posted 6mon ago

Job Role Insights

Flexible timing

Key skills for the job

Consulting Project Management Information Technology Risk Management ISO 27001 Lead Auditor PCI DSS

+ 3 more

Job Description

We are looking for a skilled and proactive ISMS Auditor to join our team, responsible for conducting audits and assessments of our our client s Information Security Management System (ISMS)
The ideal candidate will possess a solid understanding of ISMS frameworks and standards, such as ISO 27001 NIST, and IEC 62443, and demonstrate expertise in evaluating security controls and processes
Strong analytical skills, attention to detail, and a commitment to upholding security best practices are essential for this role
The successful candidate will play a key role in ensuring the integrity and effectiveness of our information security practices
- Assist and review the development and implementation of comprehensive Information Security audit/ implementation plans aligned with organisational risk assessments and relevant standards
- Conduct independent and objective review assessments of the Information Security Management System (ISMS), evaluating the design, implementation and effectiveness of information security controls
- Identify and assess the client organisations information security risks and provide assistance with audit reports and identify areas for improvement
- Stay updated with industry trends, standards and regulations related to information security through professional development activities and participate in continuous improvement initiatives to enhance the effectiveness of the ISMS department s activities
- Collaborate effectively with diverse stakeholders across various internal/client departments (IT, HR, Legal, etc
)
to ensure alignment with Information Security Management policies, procedures, guidelines and processes and to implement corrective actions
- Explain audit findings and recommendations to senior management and relevant parties, ensuring understanding and buy-in for proposed actions
- Review and customise information/cyber security training and awareness materials when needed and conduct training on specific programs for clients as and when required
- Support the organisation/clients in achieving and maintaining ISO 27001:2022 certification and other compliance standards/ frameworks
- Review and update ISMS audit methodologies and tools based on emerging threats, best practices and organisational changes
- Adhere to strict ethical standards and organisational information security policies when handling sensitive data obtained during the audit process
Mandatory Eligibility- Must hold an under-graduate degree in Technology, Engineering, Information or Cyber Security, Computer Science or similar relevant post-graduate degrees
-Minimum Practical 5+ years experience in information security management system auditing, risk management, or IT auditing, of which five or more years in a role or function related to Information Security Management System Audits/ Information Technology (IT) Audits
- Extensive experience in ISO 27001, NIST CSF, PCI-DSS, DPDPA, Risk Management, or GDPR, ISA 62443, Project Management standards/frameworks for consulting, collaboration, implementation auditing is strongly desired
- Experience planning, preparing, and delivering internal and external audits, and implementation of Information Security programmes
- Experience with International and National regulatory compliances, with a focus on Indian Regulatory Compliances such as DPDPA, CERT-In, NCIIPC, RBI, SEBI, IRDA, SMLDI, etc
- Knowledge of industry and good practices and procedures, Information Security Management tools-methods-techniques-and their applications, ISMS specific documentation structures-hierarchy-and interrelationships, electronic, and digital signatures, electronic evidence collection, etc
- Sound Knowledge of Audit/ Implementation planning, Audit risks, Information Security Process Analysis, information security controls, risk assessment methodologies, vulnerability management principles and Internal Auditing of Information Security Management Systems