This role is for one of the Weekday's clients
Salary range: Rs 200000 - Rs 400000 (ie INR 2-4 LPA)
Experience: 2+ yrs
Location: Gurgaon, Gurugram
Job Type: Full-Time
We are looking for a motivated Information Security Implementation Specialist to support the implementation of information security and privacy controls aligned with ISO/IEC 27001:2022 and ISO/IEC 27701 standards. This is a hands-on technical role focused on implementing security controls, strengthening IT infrastructure security, and preparing the organization for certification readiness.
Working closely with IT Infrastructure teams and cross-functional stakeholders, you will help deploy security best practices, maintain compliance documentation, and support technical initiatives that improve the organization's security posture. This role is ideal for professionals who enjoy practical implementation rather than audit or consulting responsibilities.
Key Responsibilities
- Support the implementation of information security and privacy controls in accordance with ISO/IEC 27001:2022 and ISO/IEC 27701 requirements.
- Collaborate with IT Infrastructure teams to implement security controls across Windows and Linux servers, endpoints, network devices, and enterprise applications.
- Maintain IT asset inventories, perform asset classification, ownership assignment, and asset lifecycle tracking.
- Implement and verify endpoint security controls, including antivirus solutions, endpoint protection, device encryption, USB control, secure configurations, and screen lock policies.
- Support user access management activities, including account provisioning, privilege reviews, access modifications, and de-provisioning.
- Coordinate vulnerability assessment remediation activities and ensure timely closure of identified security gaps.
- Assist in implementing backup strategies, restoration testing, system monitoring, and disaster recovery controls.
- Support system hardening, secure configuration baselines, and security best practices for infrastructure components.
- Maintain implementation records, security documentation, asset registers, configuration records, and audit evidence required for certification.
- Participate in readiness assessments, coordinate with internal stakeholders, and assist in resolving compliance observations before certification audits.
What Makes You a Great Fit
- Strong understanding of Windows Server, IT infrastructure, networking fundamentals, endpoint management, and enterprise IT environments.
- Hands-on experience implementing Endpoint Security controls and IT security best practices.
- Good understanding of Information Security principles, cybersecurity fundamentals, and infrastructure security.
- Familiarity with Windows/Linux administration, Active Directory, user access management, and asset management processes.
- Knowledge of ISO 27001 security controls and implementation practices is highly desirable.
- Exposure to vulnerability management, system hardening, backup management, and security monitoring.
- Strong documentation, coordination, and communication skills with the ability to work across multiple technical teams.
- Detail-oriented approach with the ability to manage implementation activities and maintain compliance evidence.
- Self-motivated, proactive, and capable of managing assigned responsibilities independently.
- Professional certifications such as ISO 27001 Foundation, CompTIA Security+, or similar credentials will be an added advantage.