1. Conducting audits, reviewing policy/procedure documents for compliance, writing compliance reports, preparing and delivering briefs
2. Provide information security consultation on all aspects of information security compliance policy, risk management and remediation
3. Travel to the client location for assessments and validation of physical and technical controls that are expected to maintain compliance
4. Review of technical controls such as firewalls, operating system hardening, malware protection, IDS/IPS and various network monitoring and protection methods
5. Work closely with clients to assess their IT security posture and identify weaknesses and vulnerabilities in relation to the PCI DSS security framework, ISO and other compliance standards
6. Maintaining the quality of audit and audit reports.
Must have Skills
1. ISO 27001 Lead Implementer or ISO 27001 Lead Auditor Certification
2. Should have knowledge of ISO 27001 standards, PCI DSS and vulnerability management.
3. Experience in information security risk assessment
4. Strong oral and written communication skills
5. Ability to handle client audits and liaise with different stakeholders to fix the findings
Good to have Skills
1. Comfortable with making compliance dashboards and presenting to stakeholders
2. Ability to work independently or in collaborative environments to meet delivery obligations
3. Should have a good understanding of network and OS concepts, operating system hardening standards and IT infrastructure.
2. CompTIA S+
3. PCI DSS