Information Security Manager
Mumbai, Maharashtra, India · Full time
- Experience: 10+ years
- Salary: —
- Openings: 1
- Posted: 5 ago
- Work mode: In office
- Education: Any graduate
- Eligibility: Any graduate with the required security experience, leadership background, and domain expertise can be considered.
- Resume: Required to apply
Where you will work
Job description
Role summary
This position calls for a seasoned leader in information security and risk management who can partner with the CISO to strengthen the organization’s security, compliance, governance, and cyber resilience programs. The role focuses on protecting enterprise information assets, controlling cyber risk, meeting regulatory and contractual obligations, and enabling business goals through strong security practices. Experience in banking or financial services would be an added advantage.
Core responsibilities
The selected professional will help shape and run the enterprise information security and IT risk program, covering policy creation, governance, risk treatment, access control, third-party risk, awareness, reporting, and compliance oversight. The role also includes close coordination with business and control functions, support for audits and regulatory interactions, and guidance on architecture, engineering, and technology security decisions.
Security governance and stakeholder coordination
You will act as a central point of contact across information security, compliance, audit, legal, HR, and business teams. The role involves supporting internal, external, customer, and regulatory audits, managing responses to observations and non-conformities, and contributing to governance forums, problem management, and change management processes.
Operational security and technical oversight
This position covers leadership of incident response, change control, vulnerability handling, exception handling, threat management, security ticketing, and platform compliance. You will also oversee PII purge activities, dark web and social media threat monitoring, email DLP monitoring, and security event management, along with security assessments, source code reviews, VAPT, red team exercises, and ransomware readiness checks.
Infrastructure and control reviews
The role requires reviewing and improving controls across Active Directory, user access management, Windows servers, firewall and security devices, CIS benchmark alignment, and network device security. You will also manage third-party security vendors and ensure service delivery aligns with agreed SLAs.
Requirements
Applicants should hold a bachelor’s degree in information technology, information systems, cyber security, computer science, or a related field; a specialization in information security is preferred. The role requires at least 10 years of experience in information security and a minimum of 8 years in a leadership position overseeing security, risk, governance, and compliance. Experience in banking or financial services is preferred.
Knowledge and standards
Strong working knowledge is expected in governance, risk and compliance, IT risk management, enterprise security architecture, third-party risk management, security operations, incident response, vulnerability management, VAPT, business continuity, disaster recovery, audit readiness, reporting, vendor security, regulatory compliance, and data privacy. Familiarity with ISO 27001, ISO 42001, ISO 27701, ISO 9001, ISO 17025, SOC 2, DPDP Act, GDPR, COBIT, ITIL, and information security risk frameworks is also required.
Preferred certifications
Helpful certifications include CISSP, CISA, CISM, ISO 27001 Lead Auditor or Lead Implementer, ISO 9001 Lead Auditor, ISO/IEC 17025 Auditor, ISO 22301 Business Continuity Certification, ISO 27701 PIMS Lead Auditor, SOC 2 certification, and certifications related to DPDP or GDPR.
Eligibility
Any graduate can apply, provided they meet the experience, leadership, and domain knowledge requirements for the role.