Assistant Manager | ISO:27001 | Mumbai | Cyber Strategy & Transformation

Policy & Procedure DevelopmentReview existing cybersecurity policies and procedures to ensure they are up to date with the latest industry practices and compliance requirements.Help develop missing or inadequate policies (e.g., data protection, incident response, vulnerability management, third-party risk management etc).Provide recommendations for policy enforcement and monitoring.Review the organization's incident response plan (IRP) and recommend improvements.Align incident response with business continuity and disaster recovery strategies.Risk Management and ComplianceConduct one cyber security risk assessment, identifying potential risks to critical assets, applications, and data.Map existing controls against applicable regulatory requirements (GDPR, SOX, etc.).Identify gaps between current practices and legal/regulatory compliance, including industry best practices.Evaluate third-party cybersecurity risk management processes quarterly and guide to implement improvements for vendor oversight.Third Party Cyber Security Audit and Maturity Assessment GovernanceReview and maintain mandatory documentation including evidences in accordance with the audit requirements.Tracking and coordinating with internal and external stakeholders for timely closure of AuditSkillsets:Strong knowledge on ISO 27001, NIST CSF, RBI Regulations