Lead – Information Security, Risk and Compliance

Lead - Information Security, Risk and Compliance

Qualifications & Experience:

• Bachelor’s degree in computer science, Information Security or a related field.
• Minimum 5+ years of proven experience in information security, risk management and compliance, preferably in the education sector or a similar environment.
• Professional certifications such as CISSP, CISM, CRISC or equivalent.

Key Responsibilities:

• Develop and implement information security, risk and compliance strategies, policies, and procedures in alignment with the organization's objectives and regulatory requirements.
• Lead and manage a team of information security professionals, providing guidance, support and mentoring to ensure the effective execution of security initiatives.
• Conduct regular risk assessments, vulnerability assessments and penetration testing to identify potential security threats and weaknesses.
• Monitor and analyse security events and incidents, investigating any breaches or security violations and implementing appropriate corrective actions.
• Collaborate with cross-functional teams to identify and address security and compliance requirements in new projects, systems and technologies.
• Develop and deliver security awareness and training programs to enhance the organization's security posture and promote a culture of security.
• Stay abreast of emerging trends, technologies and regulatory changes in the field of information security, risk management and compliance.
• Establish and maintain strong relationships with external stakeholders, including regulatory bodies, auditors and vendors, to ensure compliance and effective risk management.
• Prepare and present reports, metrics and updates on information security, risk and compliance activities to senior management and relevant committees.
• Drive continuous improvement initiatives to enhance the overall security posture and compliance maturity of the organization.
• Contribute to the protection of sensitive information assets while ensuring compliance with regulatory requirements.

Key skills:

• Strong knowledge of information security frameworks, standards and best practices (e.g., ISO 27001, NIST, GDPR).
• Experience in leading and managing information security teams, with a track record of successful project execution.
• In-depth understanding of risk assessment methodologies, vulnerability management and incident response procedures.
• Familiarity with security technologies, tools and platforms for monitoring, intrusion detection and data protection.

Potential candidates may send their detailed CV along with copies of certificates supporting

jobs@manipal.edu