Location: Visakhapatnam (Work from office)

Roles & Responsibilities:

5+ years of experience, with significant hands-on exposure to ISO 27001 (ISMS) implementation and maintenance.

ISMS (ISO 27001) – Primary Focus

  • Maintain and update ISMS documentation including policies, procedures, risk register, and Statement of Applicability (SoA)
  • Coordinate and conduct periodic risk assessments and risk treatment plans
  • Plan and support internal ISMS audits; coordinate with external auditors during certification/surveillance audits
  • Track and close non-conformities (NCs), observations, and corrective/preventive actions (CAPAs)
  • Monitor compliance with information security controls (Annex A) across departments
  • Coordinate security awareness training programs for employees
  • Support incident management process – logging, tracking, and reporting security incidents
  • Liaise with IT/InfoSec teams on technical controls, vulnerability management, and access reviews
  • Support vendor/third-party risk assessments related to information security
  • Prepare management review reports and dashboards on ISMS performance metrics (KPIs/KRIs)
  • Stay updated on changes to the ISO 27001 standard, regulatory requirements (e.g., GDPR, local data protection laws), and industry best practices

QMS – Supporting Responsibilities
  • Maintain QMS documentation (process manuals, SOPs, work instructions)
  • Coordinate internal quality audits and support external certification audits (e.g., ISO 9001, if applicable)
  • Track quality-related CAPAs and process improvement initiatives
  • Support management review meetings with relevant quality metrics and reports

Required Skills & Competencies
  • Strong working knowledge of ISO 27001:2022 requirements and Annex A controls
  • Experience conducting or coordinating internal audits (ISMS and/or QMS)
  • Familiarity with risk assessment methodologies and risk treatment planning
  • Good understanding of information security concepts (access control, encryption, incident response, business continuity)
  • Strong documentation and process-mapping skills
  • Excellent coordination skills to work across departments (IT, HR, Operations, Legal)
  • Proficiency in MS Office/Excel for reporting and tracking; familiarity with GRC tools is a plus
  • Strong communication skills for liaising with auditors and stakeholders

Preferred Certifications
  • ISO 27001 Lead Implementer or Lead Auditor (highly preferred)
  • ISO 9001 Internal Auditor (added advantage)
  • Certifications such as CISA, CISM, or ISO 27001 Foundation are a plus