Deputy Manager - Cyber Security

The Information Security role is responsible for managing and executing information security initiatives and projects across MHIL. The position ensures that newly introduced IT projects and existing infrastructure comply with organizational security standards through comprehensive technical security assessments and risk management practices. The role provides hands-on expertise in vulnerability management, application and infrastructure security, and incident response.

Key Roles & Responsibilities

Information Security & Risk Management

• Lead and manage Information Security projects across MHIL.
• Perform

  Technical Risk Assessments

  for new and existing IT systems and applications.
• Conduct

  security assessments

  for newly onboarded IT projects to ensure compliance with security policies and standards.
• Identify, analyze, and mitigate technical security risks across the organization.

Vulnerability & Threat Management

• Plan and manage

  Vulnerability Assessment and Penetration Testing (VAPT)

  activities, including coordination with internal teams and external vendors.
• Track, analyze, and ensure remediation of vulnerabilities identified during assessments.
• Perform configuration reviews and security hardening of systems, applications, databases, and network devices.

Endpoint & Infrastructure Security

• Manage

  Anti-Virus (AV) and Endpoint Detection & Response (EDR)

  solutions, including deployment, monitoring, and policy enforcement.
• Oversee

  Infrastructure Security

  covering servers, networks, operating systems, and cloud environments (if applicable).
• Implement and monitor

  Patch Management

  processes to ensure timely remediation of security vulnerabilities.

Application Security

• Conduct

  Application Security assessments

  , including secure code review (as applicable) and application vulnerability testing.
• Work closely with development and project teams to integrate security controls into the application lifecycle (SDLC).

Security Monitoring & Incident Response

• Support

  SIEM/SOC operations

  , including log monitoring, alert analysis, and threat investigation.
• Participate in

  Incident Response activities

  , including detection, containment, investigation, and remediation of security incidents.
• Assist in developing and maintaining incident response procedures and playbooks.

Governance, Documentation & Compliance

• Prepare and maintain security documentation, risk reports, and assessment findings.
• Support audits, compliance reviews, and regulatory requirements as applicable.
• Provide security guidance, awareness, and best practices to IT and business teams.

Technical skills

VAPT and Technical Risk Assessments

Application Security and Infrastructure Security

AV/EDR tools

Patch Management

Configuration Assessment and System Hardening

SIEM/SOC operations

Understanding of security standards and frameworks (ISO 27001, NIST, etc.)

Qualification & Experience

Graduation in any discipline

Additional Information Security certifications

Examples: CEH, CISSP, CISM, ISO 27001 LA, Security+, etc.

7+ years of experience