Information Security & Data Protection Officer (DPO) Manager

You will be responsible for leading the information security, data protection, and compliance initiatives of the organization. Your main duties will include: - Developing, implementing, and maintaining information security policies, standards, and procedures. - Conducting regular risk assessments, vulnerability assessments, and penetration tests to identify and mitigate threats. - Monitoring security systems, incident reports, and ensuring timely resolution of issues. As the Data Protection Officer, you will need to: - Ensure company-wide compliance with data privacy laws, security frameworks (ISO 27001, SOC 2, etc.), and industry best practices. - Manage data subject requests (DSARs), privacy impact assessments (PIAs), and liaison with regulatory authorities as needed. You will also collaborate with IT teams to: - Implement secure infrastructure, network security, access controls, and endpoint protection. - Lead investigations of IT-related security incidents, breaches, and root cause analysis. Additionally, you will be expected to: - Maintain and track compliance with security and privacy KPIs. - Develop awareness programs and training for employees on cybersecurity and data protection. - Lead internal and external audits on InfoSec and data protection. Qualifications and Skills required for this role: - Bachelors degree in Computer Science, Information Technology, Cybersecurity, or related field. (Masters preferred) - 6-7 years of relevant experience in information security, data protection, and IT security operations. - Strong knowledge of GDPR, DPDP Act, HIPAA, and other global privacy laws/regulations. - Experience with ISO 27001, SOC 2, NIST, CIS Controls, PCI DSS frameworks. - Hands-on IT security expertise (firewalls, intrusion detection/prevention, cloud security, identity & access management). - Certifications such as CISSP, CISM, CISA, ISO 27001 Lead Auditor, CEH, or CIPM/CIPP are highly desirable. - Strong analytical, communication, and stakeholder management skills. In addition to the responsibilities and qualifications mentioned above, you will have the opportunity to lead InfoSec and Data Protection strategy for a growing organization. You will also gain exposure to international compliance frameworks and cutting-edge security practices in a collaborative, inclusive, and technology-driven work environment.,