Information Security Lead

The Information Security Lead will be responsible for driving and managing the organization’s information security compliance and audit framework. This role requires strong expertise in conducting internal audits across business processes, people, facilities, and supporting systems to ensure adherence to regulatory standards, internal policies, and client requirements.

Location: Gurgaon
Experience: 2–4 years in Information Security, Compliance, or Auditing roles
Salary: Competitive and aligned with industry standards

Key Responsibilities

• Plan, schedule, and execute internal audits across departments including HR, Admin, IT, NOC, BPO operations, and facilities.
• Conduct process audits to ensure compliance with internal policies, the ISMS framework, and client contractual requirements.
• Assess adherence to standards such as ISO 27001, SOC 2, and ISO 22301 (BCMS), as applicable.
• Identify risks, gaps, and control weaknesses; provide actionable recommendations and track remediation progress.
• Support external certification and surveillance audits by preparing documentation, evidence, and audit trails.

Key Requirements

• Strong understanding of ISO 27001:2022 controls and internal audit methodologies.
• Experience in risk assessments, RCSA, RCA, and control testing.
• Excellent stakeholder management and communication skills.
• Preferred Certifications: ISO 27001 Lead Auditor/Implementer, CISA, CISM, or equivalent.