Manager - Tech Consulting - TMT - CNS - TC - ISMS, Cyber Risk, Compliance & Resilience - Gurgaon

Requisition Id: 1532798

Job Description: ISMS-BCMS Manager

Company: EY (Ernst & Young)

Location: Gurgaon

Overview: EY is a global leader in assurance, tax, transaction, and advisory services. Our integrated service lines and our deep sector knowledge help our clients to capitalize on new opportunities and assess and manage risk to deliver responsible growth. We are seeking an experienced ISMS-BCMS Manager to join our team and drive the implementation and management of integrated Information Security Management System (ISMS) and Business Continuity Management System (BCMS) frameworks in alignment with ISO standards.

Education: B.E./B. Tech/MCA in Computer Science, Information Technology, or a related field

Experience: Minimum 8-10 years of experience in Information Security and Business Continuity Management

Key Responsibilities:

• ISMS & BCMS Implementation:
  • Govern development and maintenance of ISMS and BCMS policies, procedures, and controls in alignment with ISO 27001 and ISO 22301 standards.
  • Govern and conduct risk assessments and business impact analyses to identify vulnerabilities and critical business functions.
  • Govern development and implementation effectiveness of security controls and business continuity plans.
• Audit and Compliance:
  • Engage with external and internal teams to meet various audit and compliance requirements.
  • Organize and coordinate audits, ensuring timely follow-up with stakeholders.
  • Support the assessment and implementation of security and compliance tools and automation.
  • Track identified gaps, implement mitigations, and conduct re-testing.
• Stakeholder Management:
  • Communicate with stakeholders to discuss identified gaps, proposed mitigations, and updates on security and continuity measures.
  • Provide periodic management updates on the status of ISMS and BCMS initiatives.
  • Resolute issues and conflicts with client stakeholders as in when required for successful implementation and certification.
• Proficiency with other standards and regulations:
  • Awareness about industry emerging technologies such as Artificial Intelligence, Risk tools, Cloud computing, etc.
  • Ensure compliance with other dependent industry standards and regulations such as GDPR, HIPAA, SOC2, OWASP, NIST, PCI DSS.
• Knowledge Management:
  • Stay updated with the latest developments in cyber security, risk management, and business continuity.
  • Conduct training and awareness sessions for client stakeholders on ISMS and BCMS practices.

Preferred Skills/Knowledge:

• Strong understanding of ISO 27001, ISO 22301, ISO 27701, SOC2, OWASP, GDPR, NIST, PCI DSS frameworks, etc.
• Experience in Telecom security/ Sector.
• Experience in designing and implementing security controls, risk assessment frameworks, and regulatory compliance.
• Strong analytical, problem-solving, and decision-making skills.
• Excellent communication and stakeholder management abilities.
• Ability to manage large team of 10-15 people.
• Experience in conducting security audits and assessments

What we look for

We’re interested in talented professionals with the ability to visualize our clients’ goals and think creatively to facilitate them – often in politically charged environments. If you have an entrepreneurial spirit, and a genuine passion for taking on new challenges, this role is for you.

What working at EY offers

EY is committed to being an inclusive employer and we are happy to consider flexible working arrangements. We strive to achieve the right balance for our people, enabling us to deliver excellent client service whilst allowing you to build your career without sacrificing your personal priorities. While our client-facing professionals can be required to travel regularly, and at times be based at client sites, our flexible working arrangements can help you to achieve a lifestyle balance.

About EY

As a global leader in assurance, tax, transaction and advisory services, we’re using the finance products, expertise and systems we’ve developed to build a better working world. That starts with a culture that believes in giving you the training, opportunities and creative freedom to make things better. Whenever you join, however long you stay, the exceptional EY experience lasts a lifetime. And with a commitment to hiring and developing the most passionate people, we’ll make our ambition to be the best employer by 2020 a reality.