Roles and Responsibilities:
ISMS Compliance: Ensure that software products and systems comply with the necessary security controls and requirements defined by the ISO/IEC 27001:2022 standard.
Test Planning and Execution: Create comprehensive test plans, test cases, and test scripts to validate software functionality, security controls, and ISMS requirements.
Security Testing: Conduct security testing activities, including vulnerability assessments, penetration testing, and code reviews, to identify and mitigate potential security risks.
Risk Assessment: Collaborate with the risk management team to perform risk assessments on software products and systems, identify vulnerabilities, and propose appropriate mitigation measures.
Documentation and Reporting: Maintain accurate documentation of test plans, test results, and quality assurance processes. Generate reports on security vulnerabilities, findings, and recommendations for improvement.
Process Improvement: Continuously evaluate and enhance the software quality assurance processes and methodologies to ensure efficiency, effectiveness, and adherence to ISMS requirements.
Collaboration and Communication: Collaborate with cross-functional teams (devs, PMs, InfoSec officers) to address quality and security concerns, provide guidance, and promote security awareness.
Training and Knowledge Sharing: Deliver training sessions and workshops to enhance team members' understanding of ISMS requirements, quality assurance best practices, and security testing techniques.
Compliance Monitoring: Regularly monitor and assess software products and systems for compliance with ISMS standards, regulatory requirements, and industry best practices.
Agile: You should be able to play the role of an agile coach and facilitate agile delivery with Scrum/Kanban methodologies.
CMMI: Expertise in CMMI v2.0 DEV and SVC, Project and Process Audit, Functions audit, Process Training, Internal Audit, and GAP Analysis.
Provide consultation on estimation models, design/code reviews, project management, configuration management, quality assurance, and defect prevention.
Conduct monthly project reviews, identify process issues/risks, share best practices, and create improvement plans.
Perform regular process audits to ensure adherence.
Provide process improvement suggestions to SEPG and PCR board through SQA reviews.
Conduct QPI reviews and interact with QPILs.
Facilitate Senior Management Reviews and PMRs.
Experience: 2–6 Years
Education Qualification:
Bachelor's degree in Computer Science, Information Systems, or a related field. Professional certifications related to software quality assurance, such as Certified Software Quality Engineer (CSQE), Certified Information Systems Auditor (CISA), or any Agile certification (Six Sigma, ICP-ACC, PMI-ACP, CSM, CSPO, APM, and PSM).
Bachelor's degree