Information Security Officer

The employee is responsible for establishing, implementing, securing, maintaining and continually improving Quality Management Systems (QMS), Information Security Management Systems (ISMS) integrated in Information Security and Quality Management Systems (IQMS) vide designing appropriate policies, procedures and controls for maintaining, securing and improving services, products and process at the Company.

Role and Responsibilities :

• Policy & Standard Development : Develop, implement, and maintain comprehensive policies, procedures, and standards in accordance with relevant information security frameworks and requirements. Ensure these align with organizational information security policy and are appropriate to Firstventure's activities and facilities, safeguarding the security, confidentiality, and privacy of information.
• Delegation & Resource Coordination : Delegate responsibilities to internal personnel or engage external professionals with the required competence as needed. Coordinate with Top Management / Steering Committee to ensure adequate resources are essential for establishing, implementing, maintaining, controlling, securing, and improving the Integrated Quality Management System (IQMS).
• Incident Management : Monitor and report on any information intrusion incidents. Activate and implement strategies to prevent future incidents and mitigate risks.
• Information Asset Management : Work collaboratively with information custodians to ensure that all information assets are assigned appropriate security classifications.
• Identify the classification level of each information asset.
• Define and implement appropriate safeguards to ensure the confidentiality, integrity, and availability of information assets.
• Assess and monitor safeguards to ensure their compliance, and promptly report situations of non-compliance.
• Access Management : Authorize access for individuals who have a legitimate business need for specific information. Ensure that access is promptly removed for those who no longer require it.
• Change Management : Implement any necessary changes to information security protocols as per the established change management procedure.
• Asset Inventory Approval : Approve updates to the information asset inventory register, ensuring accuracy and completeness.
• IQMS Monitoring & Reporting : Monitor and report on any degradation in the IQMS. Strategize to prevent further degradation and drive continuous quality improvement in respective processes, products, or services. Report on the performance of the IQMS to Top Management / Steering Committee for review and as a basis for ongoing improvement.

Skills :

Qualifications :

Skills Required

Incident Management, Access Management, Change Management, Quality Management, Communication Skills