Information Security Manager

We want to shape the future with vision and innovation. Be part of it and develop your full potential!

As part of the global NTT DATA Group, one of the most successful IT service providers in the world, we specialize in value-added SAP solutions as NTT DATA Business Solutions. With over 16,000 employees in more than 30 countries, we design, implement, and develop custom-fit SAP solutions for our global customers.

Would you like to take the next step in your career and be part of our highly qualified team?

Are you ready to break new ground?

Job Title: Manager, Information Security

Experience: 7+ Years

Job Location: Hyderabad

Position Summary:

We are seeking a highly skilled and experienced Cyber Security Manager to join our dynamic team. The ideal candidate will be responsible for leading and managing the organization's cyber security efforts, ensuring the protection of our systems, networks, and data from security breaches and threats. The Cyber Security Manager will work closely with internal teams, external vendors, and senior management to develop and implement effective security strategies, policies, and procedures.

Key Responsibilities

Cyber Security Strategy & Governance:

• Develop, implement, and manage a comprehensive cyber security strategy to safeguard company assets, networks, and systems.
• Collaborate with senior management to define and communicate security goals and priorities across the organization.
• Establish and enforce security policies, standards, and best practices to ensure regulatory compliance and risk mitigation.
• Conduct risk assessments and threat modeling to identify vulnerabilities and potential security risks.

Incident Response & Threat Management:

• Lead and manage the response to security incidents, including cyberattacks, data breaches, and system vulnerabilities.
• Oversee the investigation of security incidents, including the identification of root causes, coordination with stakeholders, and implementation of corrective actions.
• Work closely with other teams (e.g., IT, legal, Support functions) to ensure a timely and effective response to incidents.

Team Leadership & Development:

• Manage and mentor a team of cyber security professionals, providing guidance and support in their day-to-day work and professional development.
• Foster a culture of continuous learning within the cyber security team by staying up-to-date with the latest security trends, technologies, and best practices.
• Conduct performance reviews, set goals, and provide feedback to improve team effectiveness and efficiency.

Security Architecture & Technology:

• Lead the design, implementation, and management of secure network architectures and infrastructures.
• Collaborate with the IT department to integrate security controls into all IT systems and applications.
• Evaluate and recommend cyber security tools, technologies, and solutions to strengthen the organization's defense posture.

Compliance & Regulatory Requirements:

• Ensure that all security policies and procedures comply with relevant legal, regulatory, and industry standards (e.g., GDPR, NIST, ISO 27001 & DPDP Act).
• Assist with internal & external audits and assessments, ensuring the organization meets compliance requirements and addresses any findings or gaps.

Continuous Improvement & Reporting:

• Develop and maintain security metrics and reporting mechanisms to track the effectiveness of security programs and controls.
• Provide regular reports to senior management and stakeholders on the security posture of the organization, highlighting key risks, incidents, and improvements.
• Continuously evaluate emerging security threats and trends, adapting strategies and processes as needed.

Qualifications:

• Bachelor’s degree in Computer Science/Information Security, or related field (or equivalent work experience).
• 7+ years of experience in cyber security, with at least 2 years in a managerial or leadership role.
• Strong understanding of information security concepts, risk management, and threat landscape.
• Hands-on experience with security technologies such as firewalls, intrusion detection/prevention systems, encryption, endpoint protection, and identity management.
• Knowledge of industry standards and frameworks (e.g., NIST, ISO 27001, CIS, OWASP).
• Strong communication skills, with the ability to explain technical concepts to non-technical stakeholders.
• Experience with regulatory compliance requirements (e.g., GDPR, SOC 2, DPDPA).
• Either of Certifications such as CISSP/CISM is mandatory.
• Certifications preferred ISO27001:2022 LA/LI
• Good to have experience in QMS & CMMI

Key Skills:

• Cybersecurity risk management
• Incident response and crisis management
• Security architecture and design
• Threat hunting and vulnerability management
• Security policy and governance
• Compliance and regulatory knowledge
• Leadership and team management
• Communication and stakeholder management