Information Security Manager

Job Description

We are looking for Information Security Professional in our Corporate office. Experience: 7-10 years of experience in security and privacy roles. Monitor, investigate, and respond to security incidents using DLP, EDR, and MDR solutions. Conduct Vulnerability Assessment and Penetration Testing (VAPT) to identify and mitigate risks. Implement and manage Data Loss Prevention (DLP) strategies to safeguard sensitive information. Ensure compliance with ISO 27001/27002 controls and support audit requirements. Analyze security events, perform root cause analysis, and recommend remediation measures. Collaborate with internal stakeholders to enhance the overall security posture Partner with internal departments, such as IT, Compliance, and Risk Management, to identify security gaps, implement best practices, and enhance overall cybersecurity measures. Conduct regular assessments of the organization's systems, networks, and processes to identify and mitigate potential security and privacy risks. Develop and enforce security and privacy policies, ensuring alignment with industry standards and regulatory requirements. Lead and participate in incident response activities, including investigation, analysis, and resolution of security incidents. Develop and deliver security awareness training programs to educate employees on security best practices and privacy guidelines. Implement and manage vulnerability assessment programs to identify and remediate security vulnerabilities in a timely manner. Ensure the protection of sensitive data through encryption, access controls, and other relevant measures. Work closely with cross-functional teams to integrate security and privacy considerations into the development lifecycle of applications and systems. Stay current with relevant security and privacy regulations, ensuring the organization's compliance with applicable laws. Work Experience & Educational/Professional Certifications 7-10 Years of experience in cybersecurity. Proficiency in EDR, MDR, VAPT, and ISO 27001/27002. Strong analytical and problem-solving skills. Bachelor's degree in Computer Science, Information Security, or a related field. Industry-recognized certifications such as ISO 27001 LA,/LI, CEH, Security+ are a plus. Strong knowledge of security frameworks, standards, and best practices. Experience with risk management, policy and process documentation, and security assessments. Excellent communication skills and the ability to collaborate with diverse teams.