What you will do
- Develop and maintain incident response plans following ISO standards to ensure swift and effective responses to security incidents. Utilize ISO guidelines for incident response management to enhance planning efforts.
- Implement measures to ensure compliance with data privacy regulations such as GDPR or CCPA, leveraging ISO frameworks for privacy information management systems. Incorporate standardized processes for data mapping, consent management, and data subject rights processes.
- Develop key performance indicators (KPIs) and metrics to measure the effectiveness of security controls and compliance efforts.
- Provide regular reports to stakeholders and leadership based on ISO standards for information security management.
- Collaborate with relevant teams to develop and maintain business continuity and disaster recovery plans.
- Ensure the resilience of critical systems and data in alignment with ISO standards.
- Coordinate penetration testing activities and red team exercises to identify and address security weaknesses before they can be exploited.
- Establish and lead a dedicated security incident response team comprising representatives from relevant departments.
- Implement standardized procedures for incident detection, analysis, containment, eradication, and recovery by ISO recommendations for incident response management.