ISMS & SOC Documentation Specialist

Job Summary

ISMS & SOC Documentation Specialist

ISMS & Governance

• Develop, maintain, and manage ISMS documentation aligned with industry standards such as ISO 27001, SOC 2, NIST, CIS, etc.
• Prepare and review:

• Processes & Procedures

• Security Playbooks
• Runbooks
• Guidelines and Standards
• Maintain document version control and governance records.
• Support implementation and continual improvement of ISMS frameworks.

SOC Audit & Compliance

• Coordinate and support SOC audits, internal audits, external audits, and compliance assessments.
• Collect, organize, and validate audit evidence and documentation.
• Work closely with SOC teams, IT teams, and auditors during audit engagements.
• Track audit observations, remediation plans, and closure activities.

Cybersecurity Exercises & Resilience Activities

• Plan and conduct:
• Tabletop Exercises
• Cyber Drills

• Incident Simulation Exercises

• Business Continuity Planning (BCP) activities
• Disaster Recovery (DR) exercises
• Prepare post-exercise reports, gap analysis, and improvement recommendations.
• Ensure alignment of response procedures with organizational cyber resilience objectives.

Documentation & Operational Readiness

• Prepare and maintain:

• Incident Response Plans

• Cyber Incident Response Team (CIRT/CIRIT) documentation
• Escalation matrices
• RACI matrices
• Communication plans
• Risk registers
• Create documentation for SOC operational workflows and security monitoring procedures.
• Ensure documentation complies with audit and regulatory requirements.

Coordination & Reporting

• Coordinate with cross-functional stakeholders including SOC, IT, Risk, Compliance, and Business teams.
• Prepare management reports, compliance dashboards, and audit status updates.
• Support risk assessments and control reviews.

Mandatory Skills

• 4–6 years of experience in Information Security, ISMS, SOC Governance, Audit, or Cybersecurity Documentation.
• Strong understanding of:
• ISO 27001
• SOC Audit processes
• NIST Framework
• CIS Controls
• BCP & DR processes
• Incident Response lifecycle
• Hands-on experience in:
• Tabletop Exercises
• Cyber Drills
• Audit coordination
• Security documentation management
• Strong expertise in preparing:
• Playbooks
• Policies
• SOPs
• Procedures
• RACI matrices
• CIRT/CIRIT documentation
• Excellent technical writing and documentation skills.
• Strong analytical, coordination, and communication skills.
• Experience working in SOC environments or cybersecurity operations teams.
• Familiarity with governance and compliance tools.

Key Competencie

• sAudit Managemen
• tCybersecurity Governanc
• eDocumentation Excellenc
• eStakeholder Coordinatio
• nRisk & Compliance Awarenes
• sAttention to Detai
• lIncident Management Understandin
• gBusiness Continuity & Disaster Recovery Plannin
• gNice to Hav
• eExperience with regulatory compliance frameworks
• .Exposure to SIEM/SOC operations
• .Knowledge of threat management and incident handling processes
• .

Experience