7,170 Information Security Manager jobs in India
Information Security Manager

Posted 6 days ago
Job Viewed
Job Description
This position is responsible for the leadership of the India Information Security (IS) department as part of the Global Information Security Directorate. Areas of responsibility will include coordination with the other IS Departments to ensure standard enforcement of security polices and controls, interfacing with local India IT teams and business leaders, and mitigating risks to the organization's information assets.
**Responsibilities :**
+ Manage India Information Security team's day to day operations.
+ Support the global Security Operations (SecOps) department to safeguard digital assets by assisting with detecting, investigating, and resolving cybersecurity threats
+ Assist the global Governance, Risk & Compliance (GRC) department with enforcing cybersecurity policies, overseeing cybersecurity risk, facilitating cybersecurity compliance audits, and conducting cybersecurity awareness training.
+ Assist the global Cybersecurity Infrastructure and Design (CID) department with management and maintenance of the cybersecurity systems, platforms, and controls.
+ Implement Secure Software Development Lifecycle (SSDLC) in India office by enforcing the compliance of global policies, processes, procedures and principles.
**Qualifications**
+ Bachelor's degree in Cyber/Information Security or Information Technology, Computer Science, Computer Engineering
+ Professional certifications such as CISSP, CISM, or equivalent multi-domain cybersecurity focused certification.
+ At least 10 years of experience in IT security management, with a proven track record of managing teams in global matrix environment
+ Experience with security technologies: EDR, SIEM, SOAR, CASM, CASB, CSPM, IAM, PAM
+ Excellent communication and interpersonal skills to effectively engage internal stakeholders.
+ Demonstrated ability to analyze complex security issues, devise solutions, and enforce established security controls.
+ Strong leadership skills to drive standardization of processes, procedures, and principles.
This job posting will remain open a minimum of 72 hours and on an ongoing basis until filled.
**Job** Engineering
**Primary Location** India-Maharashtra-Mumbai
**Schedule:** Full-time
**Travel:** No
**Req ID:**
**Job Hire Type** Experienced Not Applicable #BMI N/A
Information Security Manager
Posted today
Job Viewed
Job Description
Job Title: Manager – Information Security
Job Summary
We are seeking an accomplished Information Security professional with extensive experience in cybersecurity best practices, enterprise security architecture, data protection, first-line information security risk management, and conducting security assessments. The Manager – Information Security will be instrumental in developing, evaluating, and ensuring alignment with cybersecurity controls and policies, maintaining compliance with standards, and embedding security into the organization’s products, services, and technology infrastructure. This position demands a subject matter expert capable of bridging the gap between security policy, risk, and technical implementation. A solid understanding of the latest security frameworks and technologies, including Cloud and AI, is essential to effectively inform and support risk-based decision-making.
Key Responsibilities
Cybersecurity Policy & Governance
- Develop, review, and maintain cybersecurity policies, standards, and procedures consistent with NIST, Cloud Security Alliance, CIS, and other global security frameworks.
- Convert identified security risks into policy requirements while ensuring alignment with business objectives.
- Work with security, engineering, architecture, and operational teams to confirm that policies are technically feasible and provide guidance on implementing and enforcing controls.
Risk Management and Assessments
- Function as a security specialist, providing advisory support or directly conducting comprehensive risk assessments and control gap analyses across services, products, infrastructure, and applications.
- Offer recommendations and guidance on effective risk mitigation strategies that align with business objectives and maintain appropriate security standards.
- Track emerging threats, evolving industry standards, best practices, and regulatory changes in order to proactively advise on necessary updates to policies, controls, or other measures required to strengthen and modernize our risk management posture.
Security Architecture
- Provide guidance on secure cloud, network architecture, segmentation, and system hardening.
- Work with engineering teams to monitor and maintain secure configurations and access controls.
- Lead or advise on security reviews of new technologies and system changes.
- Carry out Security Architecture Integration by conducting ongoing or targeted architecture reviews to confirm that security is incorporated, integrated, and verified in designs and implemented services.
- Establish and uphold architectural security principles throughout the technology and services ecosystem.
- Assess and integrate security tools and technologies to support the enterprise security posture.
Security Assurance and Attestations
- Maintain documentation and evidence repositories to facilitate internal and external support.
- Utilize platforms such as SharePoint and Jira to ensure optimal assessment preparedness.
- Collaborate with control owners to monitor, address, and close findings efficiently.
Awareness & Communication
- Develop and implement cybersecurity awareness programs designed for both technical and non-technical teams.
- Prepare concise communications regarding policy changes, risk advisories, and incident notifications.
- Deliver training sessions to stakeholders on security controls and risk management procedures.
Required Qualifications
- Bachelor’s / Master’s degree in Information Security, Computer Science, or related field.
- 12 – 15 years of experience in Information Security with a strong focus on risk management, network security, and security architecture.
- Hands-on experience in system/network administration (Windows/Linux/Cloud).
- Deep understanding of frameworks such as ISO 27001, NIST, PCI DSS, and COBIT.
- Proven experience in drafting and implementing security policies and technical standards.
- Strong knowledge of identity lifecycle management and access governance.
- Experience with audit documentation and evidence management tools (e.g., SharePoint, Jira).
- Excellent communication and stakeholder engagement skills.
Preferred Qualifications
- Certifications: CISSP, CISM, CISA, CRISC, or equivalent.
- Experience with GRC platforms and risk assessment methodologies.
- Familiarity with regulatory standards such as GDPR, CCPA, and other data protection laws.
- Exposure to cloud platforms (Azure, AWS) and security tools (e.g., Defender, CrowdStrike, Tenable).
- Knowledge of enterprise architecture frameworks and secure design principles.
Information Security Manager
Posted today
Job Viewed
Job Description
Job Purpose
Management :
- To Strategize, develop and implement Data Protection Controls in coordination with stakeholders across the Organization globally.
- To ensure compliance of the Organization with the defined policy & framework with a data driven approach
Execution
- To ensure that the protection operations are executed effectively in a timely manner and with required quality
- Assists in the development and implementation of Data Protection strategic initiatives. Leads all Data protection related tasks with effective monitoring and protection of information security assets.
Manager – Data Protection has overall responsibility to coordinate and support the Head of Data Privacy and Protection to achieve organization’s Protection strategy and goals.
He/she is a T-Shaped expert with proven skills in most core capability areas of Data Protection and security: Policy, Governance, Protection Strategy & Program Management.
Performance evaluation of the role will be based on the positive impact on the bank in terms of Data protection posture enhancement rather than the effort put in place.
Key result Areas
- Develop and coordinate with stakeholder (internal/external) to implement Data Protection policies, procedures, and protocols.
- Collaborate with internal departments, such as human resources, business and IT, to ensure compliance with security protocols and standards.
- Drive the creation of a comprehensive data protection framework, ensuring compliance with applicable data security laws.
- Develop and maintain metrics (Key Performance / Risk Indicators) for measuring effectiveness of the managed solution and reporting to key stakeholders.
- Work closely with legal and compliance teams to manage risk, breaches, and audits related to data protection.
- Advice on implementation robust security controls across all stages of the data lifecycle, including data collection, storage, processing, transmission, and destruction.
- Ensure the use of encryption (at rest, in transit) and secure key management strategies.
- Apply anonymization and pseudonymization techniques where required to mitigate privacy risks.
- Collaborate with IT teams to integrate security measures into application and system design from the outset (security by design).
- Good understanding/hands-on knowledge of DLP solution and data classification concepts.
- Raise awareness and provide training about information handling rules to end-users;
- Design and implement controls to reduce information risk and coordinate remediation actions with the support of the business;
- Gather and document business and security requirements, identify and define opportunities and lead the development and implementation of Data Protection Controls that meet business needs.
- Establish an exception management process for scenarios where data protection policies cannot be fully enforced.
- Evaluate and approve security exceptions, ensuring that any deviations from standards are properly justified, documented, and risk-assessed.
- Monitor and review approved exceptions regularly to ensure ongoing security and compliance.
Knowledge, Skills and Experience
Essential knowledge
- Graduate/ Post Graduate degree in Science/ Engineering/ IT.
- Minimum 2 Professional certification related to Information Security like CISM / CISSP./CASP+/ CEH / CCSP
- 8+ years Information Security experience in large financial institution/ banks with minimum 5 years’ experience within Compliance, audit and/or risk function, with recent experience in Data protection projects implementation.
- In-depth knowledge of data encryption, anonymization, pseudonymization techniques.
- Strong understanding of security controls required at different stages of the data lifecycle.
Skills and Application
- Coordinate with internal stakeholders and cross-functional teams to execute Protection initiatives, ensuring that projects are completed on time and achieve desired outcomes.
- Excellent communication skills with the ability to work cross-functionally with different teams.
Strong analytical skills and the ability to evaluate the effectiveness of implemented security measures
Information Security Manager
Posted today
Job Viewed
Job Description
Job description - Information Security Manager
Role & responsibilities
-Shall be accountable for interpreting the RFI/RFP, or Customer queries, and responding
to them.
-Review Contracts/MSA/DPA to ensure they include appropriate risk-related clauses,
such as security controls, data privacy, liability, and business continuity terms.
-Shall be accountable for assessing vendors or suppliers to identify potential risks in
areas such as cybersecurity, data protection, regulatory compliance, and operational
resilience.
-Participate in meetings with customers, partners, and vendors and be accountable for
handling security/privacy-related discussions.
-Work closely with IT, HRD, L&D, and other teams to close any Customer audit
observations, and shall be accountable.
-Shall be accountable for tracking the external advisories/threat intelligence to closure.
-Shall be accountable for Enterprise Risk Management.
Eligibility Criteria
-Must have 5 years in a Customer/Vendor role responsible for Responding, clarifyingand reviewing Contracts around below standards/models/industry best practices andtheir mapping to Organizational Practices.
-In-depth knowledge of standards and frameworks such as ISO 9000, ISO 27001, PCIDSS, SOC 2, CMMi, NIST, HIPAA, GDPR, and CCPA.
-Must have led the implementation of security standards like ISO 27001, PCI-DSS, SOC2, etc.
-Knowledge of privacy regulations like GDPR, PDPD, DPDPA, etc. is preferred.
-Must have faced or facilitated customer or external audits.
-Proven experience in quality assurance, compliance, and risk management. At leastmore than 7 years of experience in managing the audit.
-Excellent communication and interpersonal skills.
-Strong analytical skills and attention to detail.
-Ability to work collaboratively with cross-functional teams.
-Must have managed a team of more than 3 members at least for 5 years.
-Certification in Quality Assurance or Information Security (e.g., ISO 9001 Lead Auditor,ISO 27001 Lead Implementer, CEH) will be preferred.
Role : IT & Information Security - Other
Industry Type : Software Product
Department : IT & Information Security
Employment Type : Full Time, Permanent
Role Category : IT & Information Security - Other
Education
UG: B.Tech/B.E. in Computer Science Engineering, Information Technology, Computer
Science, Cyber Security, Computers
PG: MCA in Any Specialization, MBA/PGDM in Information Technolog
Information Security Manager
Posted today
Job Viewed
Job Description
Information Security Manager
Location: Pune (Yerwada) | Hybrid Mode
Experience: 11+ Years
⏳ Notice Period: Immediate to 60 Days
Job Description
We are seeking an experienced Information Security Manager to lead and strengthen our security practices. This role requires a proven leader with strong expertise in Application Security, DevSecOps, and Vulnerability Management , along with the ability to manage a high-performing team.
Key Responsibilities:
- Lead and manage a team of 7 security professionals.
- Oversee Application Security including SAST & DAST implementation and reviews .
- Integrate security practices into CI/CD pipelines .
- Drive Vulnerability Assessment & Remediation activities.
- Collaborate with Development, DevOps, and Infrastructure teams to ensure secure design and delivery.
- Provide technical guidance on security best practices across multiple projects.
- Exposure to cloud platforms (GCP/AWS ) will be an added advantage.
Required Skills & Experience:
- Strong hands-on experience in Application Security, SAST, and DAST .
- Solid understanding of DevSecOps frameworks and CI/CD security integration.
- Proven experience in Vulnerability Management .
- Knowledge of Cloud Security (preferably GCP/AWS ).
- Excellent leadership, communication, and stakeholder management skills.
Interested candidates can share their updated resume at:
If you’re passionate about driving security initiatives and leading a dynamic team, we’d love to connect with you!
Information Security Manager
Posted today
Job Viewed
Job Description
The ideal candidate will have a wealth of experience tackling various hardware and software problems. They should be comfortable providing technology solutions to employees and working closely with third party software companies to adopt new technologies and efficiently use existing ones. This candidate should have prior experience working with information technology and understand the latest technology trends to ensure the technology in place is up to date.
Responsibilities
- Conduct vulnerability assessments and penetration tests to identify security weaknesses in an organization's systems and networks.
- Evaluate, rate, and perform risk assessments on assets.
- Prioritizing vulnerabilities discovered along with remediation timeline(s)
- Send and receive notifications to the SMEs of vulnerabilities within the environment.
- Maintain knowledge of the threat landscape.
- Provide reporting and analysis and follow up.
- Provide vulnerability analysis and produce reports for management.
- Develop and implement security policies and procedures to prevent cyber-attacks.
- Monitor network traffic and identify potential security threats.
- Investigate security incidents and provide recommendations for remediation.
- Conduct risk assessments to identify potential security threats and vulnerabilities.
- Stay up-to-date on the latest security threats and vulnerabilities.
- Provide training and guidance to other security professionals.
Skills
- Bachelor's degree in Computer Science, Information Security, or a related field.
- 5+ years of experience in vulnerability management.
- Strong understanding of vulnerability assessment and penetration testing methodologies.
- Familiarity with vulnerability scanning tools and reporting solutions.
- Experience with risk assessment and prioritization techniques.
- Excellent communication and writing skills.
- Ability to work independently and as part of a team.
- Strong analytical and problem-solving skills.
Preferred Qualifications:
- GIAC GCIH certification.
- Experience with information security management systems (ISMS).
- Experience with cloud security.
- Experience in Tenable
Regards
Shyam J
Senior HR Analyst
106-109, Anna Salai, Guindy, Chennai –
M:
• About EXELA
• Instagram
• LinkedIn
Information Security Manager
Posted today
Job Viewed
Job Description
As Information Security Manager at / , you will serve as a critical link between global security functions and local business units, ensuring seamless adoption of group-provided security services while driving stakeholder alignment. This role requires an outgoing professional with exceptional coordination skills, a deep understanding of Indian business culture, and the ability to support group-wide security objectives. You will work closely with internal teams, external auditors, and leadership to maintain a robust internal control framework that meets the regulatory requirements aligned with industry's best practices.
Responsibilities:Stakeholder Management: Develop and maintain strong relationships with local business leaders, IT teams, and global stakeholders to align group security strategies with local business objectives.
Security Governance: Support the implementation of group-provided security policies, standards, and frameworks, ensuring compliance with local regulations (e.g., DPDP Act) and global standards (e.g., ISO 27001, GDPR).
Cultural Alignment: Leverage deep knowledge of Indian business culture to effectively communicate and integrate group security initiatives within local teams, fostering a collaborative group-wide security culture.
Coordination: Facilitate coordination between group security teams and local business units, ensuring effective rollout of group-provided risk management, training & awareness, IT compliance, BCM, and incident management processes.
Local Advocacy: Represent local business needs to group security teams, ensuring group-provided services are tailored to India-specific requirements.
Incident Support: Support local incident response activities by adhering to group-aligned security incident management processes, ensuring effective communication and resolution.
Reporting: Provide clear, concise updates to senior leadership on the adoption of group security initiatives, local compliance, incident status, and stakeholder feedback, bridging local and global perspectives.
Cultural Competence: Strong understanding of Indian business practices, communication styles, and workplace dynamics, with proven ability to navigate multicultural environments.
Stakeholder Engagement: Outgoing personality with a demonstrated ability to influence stakeholders and foster collaboration across diverse teams.
Security Knowledge: Familiarity with Application security, security governance, compliance frameworks, and group-aligned incident management processes, with awareness of local and global regulations.
Coordination Skills: Proven ability to manage cross-functional coordination, align diverse teams, and execute initiatives in a fast-paced environment.
Communication: Excellent verbal and written communication skills in English.
Bachelor's degree in information security / computer science / information technology.
7-10 years in information security or related roles, with at least 3 years in a stakeholder-facing or coordination role. Experience in India with multinational organizations is highly desirable.
Certifications (e.g., CISSP, CISM, CRISC) are preferred.
Be The First To Know
About the latest Information security manager Jobs in India !
Information Security Manager
Posted today
Job Viewed
Job Description
Role Overview
The Manager will be responsible for driving the organizations information security strategy, governance, and compliance programs. This role ensures that security policies, processes, and controls are in place to protect critical business systems, data, and infrastructure against evolving cyber threats. The incumbent will lead cross-functional teams, coordinate with business units, and collaborate with external partners to strengthen the overall security posture of the organization.
Key Responsibilities
Strategic Leadership
- Define and implement the organization's Information Security strategy aligned with business objectives and regulatory requirements.
- Establish and maintain security governance, frameworks, and policies (ISO 27001, NIST, CIS, GDPR, etc.).
- Develop long-term security roadmaps covering risk management, compliance, and incident response.
Risk & Compliance Management
- Conduct enterprise-wide risk assessments and drive mitigation measures.
- Ensure compliance with internal security standards and external audits (ISO, SOC2, GDPR, CERT-In, etc.).
- Manage ISMS implementation and periodic reviews.
Security Operations
- Oversee Security Operations Center (SOC), endpoint security, network defense, data protection, and vulnerability management.
- Lead incident detection, response, and recovery activities.
- Implement and monitor Data Loss Prevention (DLP), Identity & Access Management (IAM), and Zero Trust models.
Technology & Process Enablement
- Evaluate, implement, and optimize security tools (SIEM, SOAR, EDR/XDR, Cloud Security, IAM).
- Drive secure adoption of cloud, mobility, and digital platforms.
- Ensure secure software development lifecycle (DevSecOps).
Awareness & Training
- Build security awareness programs for employees, contractors, and leadership.
- Conduct phishing simulations and regular cyber drills.
- Leadership & Stakeholder Management
- Lead and mentor a team of security professionals.
- Collaborate with IT, Legal, HR, and Business Leaders to embed security into business processes.
- Act as the primary contact for security incidents and regulatory interactions.
Information Security Manager
Posted today
Job Viewed
Job Description
Job Description:
We are seeking an Information Security Manager with 2–4 years of experience to safeguard organizational data and IT infrastructure. The candidate will manage cybersecurity policies, incident response, and security audits.
Responsibilities:
- Implement and maintain IT security policies.
- Manage security operations, firewalls, and SIEM tools.
- Monitor and respond to cyber threats.
- Conduct vulnerability assessments and penetration testing.
Qualifications:
- Bachelor's in IT/Computer Science.
- 2–4 years of experience in Information Security.
- Certifications like CISSP, CISM, CEH preferred.
Salary: Up to 10 LPA
Job Type: Permanent
Pay: ₹800, ₹1,000,000.00 per year
Information Security Manager
Posted today
Job Viewed
Job Description
We are looking for Information Security Professional in our Corporate office.
Experience: 7-10 years of experience in security and privacy roles.
Monitor, investigate, and respond to security incidents using DLP, EDR, and MDR solutions.
- Conduct Vulnerability Assessment and Penetration Testing (VAPT) to identify and mitigate risks.
- Implement and manage Data Loss Prevention (DLP) strategies to safeguard sensitive information.
- Ensure compliance with ISO 27001/27002 controls and support audit requirements.
- Analyze security events, perform root cause analysis, and recommend remediation measures.
- Collaborate with internal stakeholders to enhance the overall security posture
- Partner with internal departments, such as IT, Compliance, and Risk Management, to identify security gaps, implement best practices, and enhance overall cybersecurity measures.
- Conduct regular assessments of the organization's systems, networks, and processes to identify and mitigate potential security and privacy risks.
- Develop and enforce security and privacy policies, ensuring alignment with industry standards and regulatory requirements.
- Lead and participate in incident response activities, including investigation, analysis, and resolution of security incidents.
- Develop and deliver security awareness training programs to educate employees on security best practices and privacy guidelines.
- Implement and manage vulnerability assessment programs to identify and remediate security vulnerabilities in a timely manner.
- Ensure the protection of sensitive data through encryption, access controls, and other relevant measures.
- Work closely with cross-functional teams to integrate security and privacy considerations into the development lifecycle of applications and systems.
- Stay current with relevant security and privacy regulations, ensuring the organization's compliance with applicable laws.
Work Experience & Educational/Professional Certifications
- 7-10 Years of experience in cybersecurity.
- Proficiency in EDR, MDR, VAPT, and ISO 27001/27002.
- Strong analytical and problem-solving skills.
- Bachelor's degree in Computer Science, Information Security, or a related field.
- Industry-recognized certifications such as ISO 27001 LA,/LI, CEH, Security+ are a plus.
- Strong knowledge of security frameworks, standards, and best practices.
- Experience with risk management, policy and process documentation, and security assessments.
- Excellent communication skills and the ability to collaborate with diverse teams.