Information Security Implementor

Job Purpose

To lead and manage the successful implementation, certification, and ongoing maintenance of the ISO/IEC 27001:2022 standard across Jyoti CNCs operations, ensuring the confidentiality, integrity, and availability of organizational data and IT infrastructure.

Key Roles & Responsibilities

1. Lead the development and implementation of the ISO 27001-compliant Information Security Management System (ISMS) across all business units.
   
2. Conduct comprehensive gap analysis, risk assessments, and risk treatment planning specific to manufacturing operations and ERP environments.
   
3. Develop and maintain ISMS documentation including security policies, SOPs, asset inventories, and control registers.
   
4. Coordinate with cross-functional departments (Production, R&D, HR, IT) to integrate security controls into operational processes.
   
5. Manage internal audits, lead root cause analysis, and track corrective/preventive actions.
   
6. Organize and deliver security awareness and training programs across all staff levels.
   
7. Ensure alignment with data protection regulations (e.g., GDPR, IT Act) and customer-specific security requirements.
   
8. Serve as the primary liaison with external auditors, consultants, and certification bodies for ISO 27001 audits.
   
9. Monitor ISMS effectiveness, maintain audit readiness, and report metrics to top management.
   
10. Promote a culture of information security and continuous improvement in line with Jyoti CNCs innovation and quality philosophy.

Qualifications & Skills

• Bachelor's degree in Information Technology, Cybersecurity, or a related field.
  
• ISO 27001 Lead Implementer certification is mandatory.
  
• 5+ years of relevant experience in ISO 27001 implementation, preferably in manufacturing/industrial sectors.
  
• Strong understanding of IT infrastructure, ERP systems (e.g., SAP, Oracle), and OT security practices.
  
• Excellent project management, communication, and stakeholder coordination skills.
  
• Experience in handling audits, compliance documentation, and risk mitigation.
  

Preferred

• ISO 27001 Lead Auditor certification
  
• Exposure to other standards like ISO 9001, ISO 45001, or ISO 22301