Global Security Services GRC Security Specialist

Chennai - India

Monthly Salary: Not Disclosed

Posted on: 21 hours ago

Vacancies: 1 Vacancy

Job Summary

GRC Security Specialist

Role Summary:

TheISMSSpecialist / GRC Analyst / Information Security Analystis responsible forsupportingmaintaining and continuously improving the organizations Information Security Management System (ISMS) in line with international standards (e.g. ISO/IEC 27001and NIST). The role ensures that information securitysteering documents and associatedcontrols are implementedmonitored and effective and that compliance with regulatory and internal requirements ismaintained. The specialist acts as a subject matter expert providing guidance and support across the organization onGRC(Governance Risk & Compliance)-related matters.

Key responsibilities:

Maintain and improve the ISMS framework policiesdirectivesand internal standards.

Coordinate and support internal and externalinformation securityassessments.

Monitor compliance with information security policies and standards.

Supportrisk assessments and risk treatment activitieswithin Information Security.

Monitorand report onInformation Securityperformance metrics.

Provide training and awareness on ISMS topics.

Liaise with stakeholders to ensure alignment with businessobjectivesand regulatory requirements.
Third-party riskassessmentsand Securityassessmentsinternally

Responsibilities and authorities

List of responsibilities and authorities:

Authorized to access and manage ISMS documentation and records.

Can recommend and initiate corrective and preventive actions within the ISMS scope.

May have authority to approve certain ISMS-related changes or exceptions.

No direct budget or personnel responsibility unless otherwise specified.

Reports to the Group Information Security Risk & Compliance Manager on ISMS matters.

Key competences:

List of key competences

In-depth knowledge of ISMS frameworks (especially ISO/IEC 27001and NIST).

Strong understanding of information security risk managementas well asmanagement systems.

Analytical and problem-solving skills.

Effectiveandeasy to understandcommunication and stakeholder management.

Project management abilities.

Requirements:

Education: Bachelors degree in computer science information security or related field.

Relevant certifications (e.g. ISO/IEC 27001 Lead Implementer/Auditor CISM)

Languages:

Fluent in English

Computer skills:

Good Microsoft 365 suite ServiceNow platform

Other:

Experience:

8 years in information security or a related field preferably in a global or enterprise environment.

Personal qualities:

List of personal qualities

VeryDetail-oriented and thorough.

High integrity and confidentiality.

Proactive and self-motivated.

Strong organizational and planning skills.

Ability to work independently and as part of a team.

We are the ASSA ABLOY Group
Our people have made us the global leader in access return we open doors for them wherever they go. With nearly 63000 colleagues in more than 70 different countries we help billions of people experience a more open world. Our innovations make all sorts of spaces physical and virtual safer more secure and easier to access.

As an employer we value results not titles or backgrounds. We empower our people to build their career around their aspirations and our ambitions supporting them with regular feedback training and development opportunities. Our colleagues think broadly about where they can make the most impact and we encourage them to grow their role locally regionally or even internationally.

As we welcome new people on board its important to us to have diverse inclusive teams and we value different perspectives and experiences.

Required Experience:

GRC Security SpecialistRole Summary:TheISMSSpecialist / GRC Analyst / Information Security Analystis responsible forsupportingmaintaining and continuously improving the organizations Information Security Management System (ISMS) in line with international standards (e.g. ISO/IEC 27001and NIST). The ...