Information Security Manager - ISMS / ISO

Glan Management Consultancy, Gurgaon
21 days ago
Job description

Job Title : Manager Information Security IT

Job Purpose :

Acting in a key technical management & execution capacity to provide a conduit between IT teams and key business stakeholders in your functional area of IT Security to ensure information technology needs are managed consistently, following professional IT and global standards, and delivered with a high level of quality and customer satisfaction.

Reward level : Middle Management

Job Location : Gurgaon

Experience : 10+ years

Relevant Experience : 7+ years

Reporting to : General Manager

Qualification : Bachelor's degree in IT

Key Deliverables :

  • Provide support as Lead auditor towards ISMS and PIMS policies, procedures, and guidelines and perform regular review and update.
  • Perform deep assessment to gather evidence of continuous compliance with ISO 27001:2022, ISO 27701:2019, DPDPA, IT Act and CERT-In regulations, including audit logs, records of reviews, and timely closure of open audits and risks, and share the report with management.
  • Conduct regular, documented information security and privacy risk assessments identifying assets, threats, vulnerabilities, likelihood, and impact with stakeholders.
  • Prioritize identified vulnerabilities and drive them towards closure with stakeholders, providing detailed findings, remediation recommendations, and trend reports on vulnerability posture.
  • Develop and implement a comprehensive, ongoing security awareness and training program for all employees.
  • Encourage secure behaviours among colleagues and reinforce the importance of information security and privacy in daily operations.
  • Prepare regular reports on overall information security posture, GRC maturity, and risk landscape for relevant stakeholders.
  • Ability to collect lessons learned from incidents, audits, and assessments to drive continuous improvement in ISMS / PIMS and security processes.

Key Relationships :

  • Internal IT and business customers.
  • Global IT Vendor, market and global (HQ) colleagues, Local vendor partners
  • Internal staff - direct reports (where applicable)
  • IT vendors, contractors (where applicable)

Knowledge, Skills and Abilities :

  • Must possess and demonstrate ISO 27001 Lead Implementer / Auditor and ISO 27701 Lead Implementer / Auditor certifications and knowledge.
  • In-depth understanding of IT Act, DPDPA, CERT-In regulations, CIS Controls as well as UK DPA and ISO 31000.
  • Good to have: certifications such as CISM (Certified Information Security Manager), CISSP (Certified Information Systems Security Professional) and Cloud Security certifications (e.g., CCSK, CCSP, vendor-specific like AWS Security Specialty).
  • Familiarity with common vulnerability scanning tools like Qualys (features, reporting, agent-based vs. network scans) and Cloud Security Posture Management (CSPM) tools like Wiz (cloud service provider configurations, misconfigurations, compliance checks in AWS, Azure, GCP).
  • Understanding of various penetration testing types (e.g., network, web application, API, mobile, cloud) and methodologies
  • Knowledge of common attack vectors and exploitation techniques, and of frameworks like MITRE ATT&CK and D3FEND.
  • Basic to intermediate knowledge of common security controls and technologies (e.g., firewalls, EDR, Cloud Security, VAPT tools, SIEM, WAF, DLP, encryption).
  • Understanding of network protocols, operating systems (Windows, Linux), and common application architectures.
  • Knowledge of audit principles and practices (internal and external audits).
  • Understanding of corrective action planning and non-conformity management.
  • Understanding of third-party risk management principles and vendor due diligence processes.
  • Excellent technical writing skills for creating clear, concise, and comprehensive security policies, standards, and procedures.
  • Ability to analyse complex risk data and present actionable insights.
  • Hands-on experience with Qualys for configuring scans, analysing reports, and managing vulnerabilities.
  • Hands-on experience with Wiz CSPM for monitoring cloud environments, identifying misconfigurations, and generating compliance reports.
  • Proficiency with GRC platforms or tools for managing policies, risks, and controls
  • Exceptional verbal and written communication skills to articulate complex security concepts to technical and non-technical stakeholders
  • Ability to build strong relationships and collaborate effectively with diverse teams (IT, Legal, HR, Development, Business Units).
  • Skills in influencing behaviour and driving change across the organization to improve security posture.
  • Strong analytical skills to diagnose security issues, identify root causes, and develop effective solutions.
  • Ability to critically evaluate security controls and identify gaps.
  • Contract review and negotiation skills specifically for security-related services.
  • Ability to effectively manage vendor relationships and performance.
  • Ability to develop and deliver engaging security training sessions and awareness campaigns.
  • Ability to stay updated with the latest security threats, vulnerabilities, technologies, and regulatory changes.
  • Capacity to quickly learn and adapt to new tools and methodologies.
  • Meticulous attention to detail in policy creation, audit documentation, and vulnerability analysis.
  • Ability to act calmly and effectively during security incidents and contribute to incident response efforts.

(ref : hirist.tech)
