ewandzdigital Inc. - GRC Analyst - ISMS (5-6 yrs)

Responsibilities :

- Lead and support the implementation and ongoing maintenance of an effective ISMS, adhering to ISO 27001 requirements and relevant data privacy regulations (e.g, DPDP Act).

- Monitor compliance with internal security policies, industry regulations, and legal requirements.

- Manage internal and external security audits, ensuring a smooth audit process and timely remediation of identified gaps.

- Evaluate and improve the effectiveness of existing security controls, recommending and implementing enhancements as needed.

- Foster a culture of security awareness by developing and delivering security training programs for employees.

- Collaborate with the security team on incident response procedures, crisis management plans, and continuous improvement initiatives.

- Maintain comprehensive documentation of security policies, procedures, risk assessments, and compliance activities.

Technical Skills (Must-Have) :

- 5+ years of experience in Governance, Risk, and Compliance (GRC), with a strong focus on information security management systems (ISMS).

- In-depth knowledge of ISO 27001 standards and related security frameworks.

- Understanding of data privacy regulations and compliance requirements (e.g, DPDP Act).

- Proven experience in conducting and managing security audits.

- Excellent communication and collaboration skills to work effectively with cross-functional teams.

Technical Skills (Good to Have) :

- Certifications in information security (e.g, ISO 27001 Lead Implementer/Auditor, CISSP, CISM, CRISC) are a plus.

- Experience with GRC tools and technologies is a plus