Senior Manager Information Security

Job Summary:-

The Senior Manager – Information Security will spearhead the development and execution of a comprehensive information security strategy that supports the organization’s business objectives and regulatory requirements. This role requires a strategic leader with deep technical expertise and proven experience managing enterprise security programs, risk management, and compliance initiatives.

Key Responsibilities:-

Strategic Security Leadership

 Develop and implement a comprehensive information security strategy aligned with the company’s goals and industry best practices.

 Collaborate with executive leadership and business units to embed security principles into business processes and projects.

 Provide leadership and mentorship to the information security team, fostering a culture of continuous improvement and proactive risk management.

Security Operations & Incident Management

 Oversee ongoing security monitoring, threat intelligence, incident detection, and response activities to protect organizational assets.

 Lead investigation and resolution of security incidents, coordinating cross-functional efforts to mitigate risks and remediate vulnerabilities.

 Manage vulnerability management programs, ensuring timely identification and mitigation of security gaps.

Policy, Framework & Compliance

 Maintain and evolve the company’s information security framework, policies, standards, and procedures to meet regulatory and compliance requirements (e.g., GDPR, HIPAA, ISO 27001).

 Ensure compliance with internal and external audit requirements and coordinate security-related audits and assessments.

 Drive governance processes to enforce adherence to security policies across the organization.

Security Technology Management

 Oversee configuration, deployment, and administration of critical security infrastructure including SIEM, firewalls, Endpoint Detection and Response (EDR), antivirus (AV), Web Application Firewalls (WAF), and related security tools.

 Lead network security initiatives including segmentation, VPN setup, domain policies, and secure access controls to safeguard the organization’s network environment.

Disaster Recovery & Business Continuity

 Develop, maintain, and regularly test disaster recovery and business continuity plans to ensure organizational resilience.

 Conduct regular drills and tabletop exercises, working closely with IT and business teams to validate readiness.

Security Awareness & Training

 Lead the design and implementation of security awareness programs to educate employees on cybersecurity risks, policies, and best practices.

 Promote a security-conscious culture through ongoing communication and training initiatives.

Qualifications:-

 Bachelor’s degree in Computer Science, Information Technology, or a related discipline.

 10 to 12 years of progressive experience in information security, including at least 5 years in a leadership or managerial role.

 Professional certifications such as CEH, CISSP, CISA, or CISM are mandatory.

 Extensive hands-on experience with security technologies such as SIEM, firewalls, EDR, AV, WAF, VPN, and network segmentation.

 Proven expertise in incident response, vulnerability management, risk assessments, and compliance frameworks (ISO 27001, NIST, GDPR, etc.).

 Strong understanding of disaster recovery, business continuity planning, and testing methodologies.

 Excellent leadership, communication, and stakeholder management skills, with the ability to influence at all levels of the organization.

Preferred Skills:-

 Experience in cloud security and managing hybrid IT environments.

 Knowledge of emerging cybersecurity threats and mitigation techniques.

 Ability to develop and deliver executive-level reports and presentations.

 Strong project management skills and experience working with cross-functional teams.