Job
Description
Synopsis of the role The Information Security Manager is responsible for developing, implementing, and maintaining the organization's overall information security strategy. This includes ensuring the confidentiality, integrity, and availability of all information assets.. What You’ll Do. Implement Security policies & Standard operating processes (SOPs) : Create/ review, and update information security policies and SOPs, procedures, and standards to ensure alignment with industry best practices and RBI regulatory requirements.. Risk Management: Identify, assess, and mitigate information security risks to the organization's assets, data, and systems.. Compliance: Ensure compliance with relevant laws, regulations, and industry standards, such as GDPR, NIST, PCI-DSS, and ISO 27001.. Security Awareness: Develop and implement security awareness training programs for employees to promote a culture of security.. Incident Response: Develop and manage incident response plans to ensure prompt and effective response to security incidents.. Vulnerability Management: Implement vulnerability management processes to identify, classify, and remediate vulnerabilities in systems and applications.. Security Architecture (Cloud and On Prime) : Design , review and implement secure architectures for systems, networks, and applications.. Third-Party Risk Management: Assess and mitigate information security risks associated with third-party vendors and service providers.. Budgeting and Resource Allocation: Manage the information security budget and allocate resources to ensure effective implementation of security measures.. Reporting and Metrics: Provide regular reporting and Security metrics to stakeholders on information security performance and risk posture.. Cloud Security Experience*: Experience with cloud security platforms and technologies.. Programming Skills: Proficiency in programming languages such as Python, Java, or C++.. Industry Certifications: Additional certifications such as CompTIA Security+, or ISO 27001 Lead Implementer.. Operational & Reporting Tasks:. Risk management: Identify, assess, and mitigate information security risks to the organization.. Compliance: Ensure compliance with relevant laws, regulations, and industry standards.. Budgeting: Manage the information security budget and allocate resources.. Stakeholder Management: Communicate information security risks and mitigation strategies to stakeholders.. Project Management: Manage information security projects, including project planning, execution, and delivery.. Vendor Management: Manage relationships with information security vendors and service providers.. Security Metrics: Develop and report security metrics to stakeholders.. Compliance Reporting: Report on compliance with relevant laws, regulations, and industry standards.. Risk Reporting: Report on information security risks and mitigation strategies.. Incident Reporting: Report on security incidents and response activities.. What Experience You Need. Bachelor’s Degree or Engineering with Information security certification like ISO 27001, CCNA, ITIL foundation. Minimum 13 to 15 yrs of Information security Information / Security audits experience/Technology administration /Project management etc.. Education: Bachelor's degree in Computer Science or computer engineering, Information Security, or related field.. Certifications: CISSP, CEH, CISM, or CISA certification preferred.. Experience: Minimum 5 years of experience in information security, with at least 2 years in a management role.. Skills: Strong knowledge of information security principles, risk management, and compliance. Excellent communication, leadership, and project management skills.. Soft skills:. Time management Effective time management and prioritizing. Collaboration Ability to work & collaborate with cross functional teams Adaptability: Ability to adapt to changing security landscapes and professional environment.. What Could Set You Apart. People management skills. Good Communication skill Passion to continuously learn and work to value add to the organization security environment Positive attitude. Show more Show less
