Information Security Manager - Vulnerability Assessment

Marketwick Pvt Ltd, Gurgaon
18 days ago
Job Description :

Company : Glan Management Consultancy

Location : Gurgaon

Experience : 7-15 years

Employment Type : Job Description :

Job Title : Manager Information Security - IT

Job Purpose :

Acting in a key technical management & execution capacity to provide a conduit between IT teams and key business stakeholders in your functional area of IT Security to ensure information technology needs are managed consistently, following professional IT and global standards, and delivered with a high level of quality and customer satisfaction.

Reward level : Middle Management

Job Location : Gurgaon

Experience : 10+ years

Relevant Experience : 7+ years

Reporting to : General Manager

Qualification : Bachelor's degree in IT

Key Deliverables :

  • Provide support as Lead Auditor for ISMS and PIMS policies, procedures, and guidelines, and review and update them regularly.
  • Perform deep assessments to gather evidence of continuous compliance with ISO 27001:2022, ISO 27701:2019, DPDPA, the IT Act and CERT-In regulations, including audit logs, records of reviews, and timely closure of open audit items and risks, and share the report with management.
  • Conduct regular, documented information security and privacy risk assessments identifying assets, threats, vulnerabilities, likelihood, and impact with stakeholders.
  • Prioritize identified vulnerabilities and provide detailed findings, remediation recommendations, and trend reports on vulnerability posture, working with stakeholders towards closure.
  • Develop and implement a comprehensive, ongoing security awareness and training program for all employees.
  • Encourage secure behaviours among colleagues and reinforce the importance of information security and privacy in daily operations.
  • Prepare regular reports on overall information security posture, GRC maturity, and risk landscape for relevant stakeholders.
  • Collect lessons learned from incidents, audits, and assessments to drive continuous improvement in ISMS / PIMS and security processes.

Key Relationships :

  • Internal IT and business customers.
  • Global IT vendors, market and global (HQ) colleagues, local vendor partners.
  • Internal staff - direct reports (where applicable)
  • IT vendors, contractors (where applicable)
Knowledge, Skills and Abilities :

  • Must possess and demonstrate ISO 27001 Lead Implementer / Auditor and ISO 27701 Lead Implementer / Auditor certifications and knowledge.
  • In-depth understanding of the IT Act, DPDPA, CERT-In regulations, CIS Controls, as well as UK DPA and ISO 31000.
  • Good to have: CISM (Certified Information Security Manager), CISSP (Certified Information Systems Security Professional) and cloud security certifications (e.g., CCSK, CCSP, vendor-specific ones such as AWS Security Specialty).
  • Familiarity with common vulnerability scanning tools like Qualys (features, reporting, agent-based vs. network scans) and Cloud Security Posture Management (CSPM) tools like Wiz (cloud service provider configurations, misconfigurations, compliance checks in AWS, Azure, GCP).
  • Understanding of various penetration testing types (e.g., network, web application, API, mobile, cloud) and methodologies.
  • Knowledge of common attack vectors and exploitation techniques, and of frameworks such as MITRE ATT&CK and D3FEND.
  • Basic to intermediate knowledge of common security controls and technologies (e.g., firewalls, EDR, Cloud Security, VAPT tools, SIEM, WAF, DLP, encryption).
  • Understanding of network protocols, operating systems (Windows, Linux), and common application architectures.
  • Knowledge of audit principles and practices (internal and external audits).
  • Understanding of corrective action planning and non-conformity management.
  • Understanding of third-party risk management principles and vendor due diligence processes.
  • Excellent technical writing skills for creating clear, concise, and comprehensive security policies, standards, and procedures.
  • Ability to analyse complex risk data and present actionable insights.
  • Hands-on experience with Qualys for configuring scans, analysing reports, and managing vulnerabilities.
  • Hands-on experience with Wiz CSPM for monitoring cloud environments, identifying misconfigurations, and generating compliance reports.
  • Proficiency with GRC platforms or tools for managing policies, risks, and controls.
  • Exceptional verbal and written communication skills to articulate complex security concepts to technical and non-technical stakeholders.
  • Ability to build strong relationships and collaborate effectively with diverse teams (IT, Legal, HR, Development, Business Units).
  • Skills in influencing behaviour and driving change across the organization to improve security posture.
  • Strong analytical skills to diagnose security issues, identify root causes, and develop effective solutions.
  • Ability to critically evaluate security controls and identify gaps.
  • Contract review and negotiation skills specifically for security-related services.
  • Ability to effectively manage vendor relationships and performance.
  • Ability to develop and deliver engaging security training sessions and awareness campaigns.
  • Ability to stay updated with the latest security threats, vulnerabilities, technologies, and regulatory changes.
  • Capacity to quickly learn and adapt to new tools and methodologies.
  • Meticulous attention to detail in policy creation, audit documentation, and vulnerability analysis.
  • Ability to act calmly and effectively during security incidents and contribute to incident response efforts.
Key Skill :

    information security manager, IT security, ISO 27001 LA, ISO 27001 LI, ISO 27001 LI / LA, ISO 27701, ISO 31000, internal auditor, DPDPA, CISM, compliance ISO 27001 : 2022

    Job Type : Full-time

    (ref : hirist.tech)
