Persyaratan
Skills
Loker ini dikelola oleh
Deskripsi pekerjaan Information Security Consultant (REMOTE) Stendard
- Min. Diploma in information security or related fields
- Preferably 3 to 5 years experience as a Consultant, QA, QMS and/or ISMS role handling and auditing information security standards, such as ISO/IEC 27001:2013 and other cyber security related standards
- Preferably experienced in the implementation of security controls for cloud-based web application or experienced in ISO/IEC 27018:2019 Information technology — Security techniques — Code of practice for protection of personally identifiable information (PII) in public clouds acting as PII processors
- Preferably possesses knowledge in ITIL standards of IT service management
- Preferably experienced in Vulnerability Management and Penetration Testing
- Having knowledge in GDPR & SOC2 controls will be an advantage
- With a keen interest to learn and explore other industrial standards, which will help Stendard scale new industries and markets
- Open-mindedness towards challenges in a startup environment
- Proficient in written and spoken English is a MUST
- To understand the clients’ businesses and nature of product, and to lead and manage the project through the Gap Analysis, Training, Document Review, implementation and Audit activities to achieve compliance/certification to information security and cyber security standards/regulations
- To understand medical device related standards/regulations and integrate with the cyber security standards/regulations
- To perform security testing to the clients’ software product
- To establish Information Security Management System (ISMS) in the company, based on applicable standards/regulations, such as ISO/IEC 27001:2013 and its derivative, Singapore PDPA, EU GDPR, etc
- To monitor and maintain the effectiveness of Information Security Management System (ISMS) in the company by performing tests, internal audit, and other relevant measure
- To be familiar with information and cyber security standards such as ISO/IEC 27001:2013 and to keep the content of documents updated on Stendard Solution Software. This can be based on customer feedback or partners’ request on local regulations
- To translate new and complementary information and cyber security standards’ (other than ISO/IEC 27001:2013) requirements into documents (Manual, SOPs, Forms) and define the applicability of the requirements for the different types of businesses on Stendard Solution
- To create tutorial and supplementary materials for Stendard e-learning academy. The purpose is to work towards Stendard’s vision of educating companies to handle their compliance activities independently
- To translate customer feedback and learning into new Stendard Solution software offering/features as continuous innovation
Tips Aman Cari Kerja
Jangan berikan informasi rekening, kartu kredit, atau uang saat melamar kerja. Perusahaan yang legal tidak memungut biaya rekrutmen.
Learn More