General Manager IT Services (Cybersecurity & Audit)

General Manager IT Services (Cybersecurity & Audit)

Location : Bengaluru

Employment Type : Full Time

Roles and Responsibilities

• Continuously monitor infrastructure to identify and respond to security threats and vulnerabilities.
• Involve in regular vulnerability assessments, penetration testing, and threat analysis.
• Implement and enforce data protection strategies aligned with confidentiality, integrity, and availability principles.
• Investigate and respond to security incidents, including breaches, malware, and unauthorized access, across both internal and client networks.
• Design and update information security policies and SOPs, aligned with industry best practices.
• Conduct security awareness and training programs for internal teams and all other stakeholders.
• Evaluate and deploy advanced security tools (e.g., SIEM, EDR, DLP) to strengthen the organizations and clients security postures.
• Ensure compliance with IT service industry standards and regulations such as ISO 27001, DPDPA, GDPR, and HIPAA.
• Perform internal audits to evaluate IT security controls and risk management processes across business units and client projects.
• Support external audits and third party assessments, ensuring evidence gathering, audit readiness, and successful certification outcomes.
• Conduct ITGC, system access reviews, change management audits, and disaster recovery assessments.
• Identify compliance gaps and provide recommendations for process and control improvements.
• Lead forensic audits and post incident investigations, document findings, and support legal or client-driven actions.
• Collaborate with cross-functional teams (IT, Legal, Tech, etc.) to implement audit findings and close action items.
• Maintain audit logs, risk registers, and evidence repositories in accordance with internal governance and client SLAs.

Skills and Qualifications