Qureos

ISO Compliance Manager (Night Shift)

Lahore, Pakistan

Title: ISO Compliance Manager

Time: 5PM-2AM (Night Shift)

Location: Lahore (100% onsite)

Lead Auditor:

-Plan, execute, and lead ISO 27001:2013 internal audits to evaluate the effectiveness of the ISMS.

-Conduct risk assessments and audits of security policies, processes, and controls.

-Prepare detailed audit reports, including findings, observations, and recommendations for corrective actions.

-Lead external audit engagements with certification bodies and ensure the organization's continued ISO 27001 certification.

-Collaborate with internal teams to develop, implement, and review corrective action plans based on audit findings.

-Monitor and track the status of corrective and preventive actions related to audits.

Governance, Risk, and Compliance (GRC) Analyst Responsibilities:

-Develop and maintain GRC frameworks to ensure the organization complies with industry standards and regulations.

-Conduct risk assessments, identify and assess information security risks, and recommend mitigation strategies.

-Monitor compliance with internal policies, procedures, and applicable legal, regulatory, and contractual requirements.

-Assist in the development and implementation of security policies, standards, and guidelines across the organization.

-Maintain a risk register, ensuring proper documentation of risks, mitigations, and resolutions.

-Collaborate with cross-functional teams to ensure alignment with GRC objectives and integrate risk management practices into daily operations.

-Stay up to date with the latest industry trends, best practices, and changes in relevant laws and regulations.

Training and Awareness:

-Provide training and awareness sessions for staff on ISO 27001:2013, information security best practices, and GRC compliance requirements.

-Assist in creating a culture of risk awareness across the organization by promoting security awareness programs.

Reporting and Documentation:

-Develop and maintain audit documentation, including audit plans, risk assessments, and compliance reports.

-Prepare regular reports and presentations on GRC and ISO 27001 performance metrics, audit findings, and risk management activities for senior management and stakeholders.

-Ensure all relevant security and risk documentation is up to date and aligned with regulatory standards.

Job Type: Full-time

Pay: Rs1.00 - Rs2.00 per month

Work Location: In person
