Job For Security Manager-MNC in Nagpur

1. Job Title: Security Manager (Cybersecurity & Infrastructure Security)

( CPass Audit Spoc for BFSI customers )

Location: [Nagpur]

Department: IT Security & Compliance

Reports To: Sr. Director IT Infrastructure

Experience Required: 5 - 15

Role Overview:

The Security & Compliance Manager will lead the organizations IT security and

compliance initiatives, acting as the Single Point of Contact (SPOC) for all third-party

audits, especially from BFSI clients. This role ensures adherence to regulatory, data

protection, and industry standards. Key Responsibilities:

1. Act as the Single Point of Contact (SPOC) for all BFSI customer audits, third- party assessments, and compliance reviews. 2. Maintain and enforce security policies, risk registers, audit trails, and

compliance documentation. 3. Ensure ongoing compliance with ISO 27001, SOC 2, RBI, GDPR, TRAI, and

other applicable BFSI regulations. 4. Conduct internal audits, gap analyses, and drive remediation plans to closure. 5. Coordinate with legal, IT, DevOps, and business teams to ensure audit

readiness and evidence collection. 6. Lead incident response planning, security drills, and business continuity

testing. 7. Manage vendor risk assessments, NDAs, and third-party compliance

documentation. 8. Perform regular risk assessments and maintain an up-to-date risk register. 9. Conduct vulnerability scans across infrastructure, APIs, applications, and

endpoints. 10. Coordinate with external vendors for annual penetration testing and ensure

timely remediation. 11. Track, prioritize, and patch vulnerabilities based on CVSS scores and business

impact.

12. Develop and maintain a compliance calendar to track all audit and

certification timelines. 13. Own and manage the Information Security Management System

(ISMS) lifecycle. 14. Prepare and present audit reports, dashboards, and risk summaries to senior

leadership. 15. Ensure data privacy and protection controls are implemented across all

CPaaS services. 16. Conduct security awareness training and phishing simulations for employees. 17. Review and approve security controls for new projects, vendors, and cloud

deployments. 18. Maintain incident logs, RCA reports, and ensure timely closure of security

incidents. 19. Collaborate with product and engineering teams to embed security-by- design principles. 20. Stay updated with regulatory changes in the BFSI sector and translate them

into actionable controls. 21. Lead external certification audits (e.g., ISO, SOC 2) and manage evidence

collection and walkthroughs.

Required Skills & Qualifications: • Bachelor’s degree in information security, IT, or related field. • 6+ years of experience in IT security, audit, and compliance. • Strong knowledge of BFSI regulatory frameworks and data privacy laws. • Experience with GRC tools, audit frameworks, and documentation. • Certifications: CISA, CISM, ISO 27001 Lead Auditor, or equivalent preferred. Excellent communication and stakeholder management skills.