Senior Manager Risk Management

Job Summary:

Senior Manager – Risk Mgmt and Information Security

Key Responsibilities:

Incident & Risk Management:

• Manage org wide Enterprise Risk Register and keep updating and maintaining based on emerging risks
• Lead

  Incident Management

  including end-to-end ownership and resolution
• Manage and respond to issues related to Risks from Customers
• Own

  RCA-CAPA

  processes for all deviations, including customer-facing issues
• Conduct

  biannual Incident Simulations

  and ensure retraining and compliance for defaulters
• Manage and address all employee risks including those related to Physical security risks

Compliance & Audits:

• Maintain

  ISMS ISO 27001, PIMS ISO 27701, SOC 2 Type 2

  readiness, audit support, and NC tracking/closure
• Represent Infosec in

  Customer Audits

  ,

  SOC 2 Type 2

  , and other ISO assessments
• Manage

  TPRM (Third Party Risk Management)

  support activities and compliance tracking
• Ensure timely completion of

  Cybervadis assessments

  and support

  Data Classification

  and other

  Privacy initiatives

Policy & Access Management:

• Own annual

  SOP management and policy refresh cycles

  for InfoSec
• Administer

  Exception Access Management

  for critical controls (USB, Gmail, Admin Access etc.,)
• Oversee

  Admin Access Management

  and enforce MDM/DLP policies
• Oversee IP inventory and ensure there are no IP violations.

Security Monitoring & Tools:

• Monitor threat landscape including

  Dark Web Monitoring

• Lead

  Cybersecurity Attack Simulations

  , including SOP creation, documentation, and testing
• Maintain and optimize

  Forcepoint DLP

  policies and support MDM reviews

Training & Awareness:

• Lead

  Infosec Training Programs

  and ensure 98% compliance at any point
• Refresh training materials for

  AUP, COE, ISMS

  annually
• Conduct regular compliance follow-ups and retraining for defaulters

Metrics & Reporting:

• Define, publish, and manage

  IT Security Metrics

  dashboards
• Maintain and update the

  Enterprise Risk Tracker

Stakeholder & Cross-Functional Collaboration:

• Respond to and manage

  RFI/P (Request for Information/Proposal)

  documents for Infosec
• Provide Infosec support for various IT initiatives and new implementations
• Coordinate with internal and external stakeholders for audits, assessments, and security operations

Qualifications & Skills:

• Bachelor's/Master’s degree in Computer Science, or related field
• Industry certifications such as CISSP, CISM, CISA, ISO 27001 LA, or equivalent
• In-depth knowledge of ISMS, SOC 2, Privacy laws (including GDPR/DPDPA), and security best practices
• Experience in tools like Forcepoint and creating risk dashboards with heat-maps
• Strong stakeholder management, communication, and team leadership skills
• Ability to work independently and manage global teams and vendors

Preferred Experience:

• Experience in

  Pharma, Healthcare, or Regulated Industries

• Prior experience dealing with

  Customer Audits

• Knowledge of emerging threats and technologies such as AI/ML in InfoSec

EQUAL OPPORTUNITY

Indegene is proud to be an Equal Employment Employer and is committed to the culture of Inclusion and Diversity. We do not discriminate on the basis of race, religion, sex, colour, age, national origin, pregnancy, sexual orientation, physical ability, or any other characteristics. All employment decisions, from hiring to separation, will be based on business requirements, candidate’s merit and qualification.

We are an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, colour, religion, sex, national origin, gender identity, sexual orientation, disability status, protected veteran status, or any other characteristics.