ISO process expert

Job Description

Xoxoday is looking for an expert in the Governance, Risk and Compliance domain, with knowledge of ISO 27001 and privacy frameworks, who will ensure the administration of an organization's information security, quality, and continual improvement of processes based on current standards.



Xoxoday Head Office, Bangalore (HSR Layout)


What you'll be doing


  • Implementation, operation, and maintenance of the Information Security Management System (ISO 27001)
  • Perform information security risk assessments and assess the control environment of the business processes and applications
  • Assist with both internal and external audits relating to information security, as well as performing independent audits to validate the completeness and accuracy of the compliance program and other client audits
  • Recommend/develop remediation and corrective action plans with related governance and operational functions (such as Physical Security/Facilities, Risk Management, IT, HR, Finance, Operations, and Compliance)
  • Management, maintenance, updating and availability of the related documentation
  • Author and revise policies, standards, procedures, and guidelines, in conjunction with the Information Security Forum and with inputs from various stakeholders
  • Development and operation of related compliance monitoring and improvement activities to ensure compliance both with internal security policies and applicable laws and regulations
  • Follow up with respective stakeholders to close NCs


What you need to succeed in this role


  • 3-5 years of experience in an associated field
  • Written and verbal communication skills
  • ISO 27001 end-to-end implementation / gap assessment / audit based on the complete controls of ISO 27001
  • Understanding of cloud service models and security controls
  • Basic understanding of SDLC and segregation of duties
  • GDPR and other privacy regulations and frameworks
  • Coordinate and respond to client RFPs and security questionnaires
  • Strong understanding of information security fundamentals
  • Capable of understanding network design diagrams
  • Preferred certifications (any one): CISA, ISO 27001 Lead Implementer/Lead Auditor, CISSP



Benefits of joining us


  • Ability to join a small and growing team, and work with some of the coolest people you've ever met
  • Opportunity to make an impact, and leave your mark on this organization
  • Competitive compensation, with the ability to shape your own career trajectory
  • Go the extra mile with learning and development

Bengaluru, Karnataka
Experience: 3-5 years