Job Openings ISO Officer

About the job ISO Officer

WE ARE HIRING: ISO Officer

Location: Sri Lanka
Employment Type: Fixed-Term Contract
Contract Duration: 1 Year
Company Industry: IT-Enabled Services / BPO

Role Overview

We are seeking a highly analytical and security-focused ISO Officer to manage information security incidents, support governance and regulatory compliance, reduce organizational risk, and strengthen the overall security culture.

The selected candidate will manage security events throughout the complete incident lifecycle, coordinate with SOC, QA, GRC, IT, cloud, and application teams, maintain audit-ready documentation, and ensure timely closure of identified security risks and corrective actions.

Key Responsibilities

  • Manage security incidents from initial detection and triage through containment, investigation, recovery, and post-incident reporting.
  • Ensure all security incidents are handled within defined service-level agreements and escalation timelines.
  • Assess SOC alerts, prioritize incidents according to risk level, and initiate governance workflows without delay.
  • Coordinate with QA and GRC teams to convert relevant SOC triggers into structured NCCAs.
  • Monitor NCCA progress and drive corrective actions through to effective and timely closure.
  • Maintain detailed, accurate, and audit-defensible incident reports and supporting documentation.
  • Ensure compliance with GDPR, applicable local data-protection laws, internal policies, and regulatory requirements.
  • Maintain documentation and evidence required for internal audits, external audits, and regulatory reviews.
  • Conduct regular vulnerability assessments and coordinate remediation activities with relevant teams.
  • Track identified vulnerabilities, corrective actions, risk levels, and closure status.
  • Develop security metrics and reports to demonstrate improvements in the organization's security posture.
  • Analyze network events and security anomalies to differentiate false positives from genuine threats.
  • Support timely investigation and response to real threats while minimizing alert fatigue.
  • Coordinate with IT infrastructure, cloud, application development, SOC, QA, and GRC teams during security investigations.
  • Design and deliver security-awareness training for employees across different departments and responsibility levels.
  • Promote secure behavior and strengthen employees' role as the organization's first line of defense.
  • Prepare regular reports and management updates on incidents, risks, vulnerabilities, compliance, and remediation progress.
  • Support continuous improvement of information-security controls, procedures, and incident-response processes.

Candidate Profile

  • Bachelor's degree in Cyber Security is essential.
  • Professional certification in CISSP, CISM, CEH, or an equivalent information-security qualification will be preferred.
  • Proven experience managing the complete information-security incident lifecycle.
  • Experience working with SOC, QA, GRC, IT infrastructure, cloud, and application-development teams.
  • Strong understanding of incident triage, containment, investigation, recovery, and post-incident review.
  • Experience managing NCCAs, SLAs, corrective actions, and governance workflows.
  • Good knowledge of GDPR, local data-protection requirements, and information-security compliance.
  • Experience conducting vulnerability assessments and monitoring remediation activities.
  • Strong understanding of threat analysis, security anomalies, and SOC alert evaluation.
  • Advanced technical-writing skills with the ability to prepare audit-ready incident and compliance reports.
  • Strong analytical, investigative, problem-solving, and risk-assessment abilities.
  • Excellent stakeholder-management, communication, and cross-functional coordination skills.
  • Ability to manage confidential security information with integrity and professional judgment.
  • Detail-oriented, organized, and capable of managing multiple incidents and deadlines effectively.

Ready to take your career to new heights?

We're InTalent Asia, your recruitment partner in Sri Lanka, and we've got an exciting opportunity for you! Our client is looking for a dynamic individual to fill the role of ISO Officer.

Apply now and see how you can be the perfect fit for this exclusive position!

#InTalentAsia #CareerOpportunity #JobVacancy #ISOOfficer #InformationSecurity #CyberSecurityJobs #IncidentResponse #GRC #ElevateYourCareer