OPTIT - GRC/Info Security Engineer

Description :

Role Summary :

We are seeking an experienced to manage and strengthen the organizations Information Security Management System (ISMS) in alignment with ISO 27001 : 2022. The role focuses on governance, risk management, compliance, audits, and security awareness.

Key Responsibilities :

- Maintain ISMS documentation including policies, SOPs, risk register, and compliance records.

- Track and manage compliance evidence for all ISO 27001 controls.

- Conduct periodic access reviews and privileged account validations.

- Coordinate internal and external ISO audits and manage nonconformities.

- Manage vendor risk assessments and improvement plans.

- Publish monthly dashboards covering risk posture and compliance metrics.

- Deliver regular security awareness training for new joiners.

- Develop and maintain SOPs and knowledge base documentation with version control.

Required Skills & Experience :

- 4 - 8 years of relevant experience in information security, risk, or compliance roles.

- Strong knowledge of ISO 27001 : 2022, audit processes, and risk assessment/treatment.

- Experience with access governance, compliance reporting, and evidence management.

Qualifications :

- B.E / B.Tech / MCA preferred.

- ISO 27001 Lead Auditor or Lead Implementer (mandatory).

- ITIL Foundation (preferred).