Manager – Information Security (CISM, ISO 27001 LA)

Qualification

Key Responsibilities

• Lead the design, implementation, and continuous improvement of the enterprise-wide ISMS and PIMS programs.
• Develop and manage the InfoSec strategy aligned with business goals and regulatory requirements (ISO 27001:2022, ISO 27701:2019, DPDPA, IT Act, CERT-In).
• Oversee security risk assessments, audits, and remediation plans across IT and business units.
• Manage a team of security professionals; mentor, coach, and evaluate performance.
• Collaborate with Legal, Compliance, IT, and Business stakeholders to ensure security by design.
• Lead incident response, RCA, and post-mortem reviews.
• Drive security awareness and training programs across the organization.
• Manage security budgets, vendor relationships, and contract negotiations.

Technical Skills:

• Strong knowledge of IBM QRadar SIEM, GTB DLP, CyberArk PAM, Wiz CNAPP, Sentinel One EDR, Qualys VA and other PT tools.
• Experience in cloud security governance (Preferred on AWS and Azure; Good to have GCP).
• Experience of MITRE ATT&CK, NIST CSF, CIS Controls, OWASP Top 10.

Soft Skills:

• Strategic thinking
• Stakeholder management
• Team leadership
• Excellent communication

Skills : -

• Information Security Manager, ISMS Manager, PIMS Manager, BM QRadar SIEM, GTB DLP, CyberArk PAM, Wiz CNAPP, Sentinel One EDR, Qualys VA, penetration testing tools, AWS security, Azure security, GCP security, MITRE ATT&CK, NIST CSF, CIS Controls, OWASP Top 10, cybersecurity compliance, enterprise security, security monitoring, threat detection, ISO 27001 LA, CISM, IBM QRadar, CyberArk PAM, cloud security governance, Develop Infosec Strategy, Cybersecurity Manager, Security Governance, ISO 27001, ISO 27701, DPDPA compliance, IT Act compliance, CERT-In guidelines, InfoSec strategy, security risk assessment, security audits, remediation planning, incident response, root cause analysis, RCA