1,849 Information Security Manager jobs in India

We want to shape the future with vision and innovation. Be part of it and develop your full potential!

As part of the global NTT DATA Group, one of the most successful IT service providers in the world, we specialize in value-added SAP solutions as NTT DATA Business Solutions. With over 16,000 employees in more than 30 countries, we design, implement, and develop custom-fit SAP solutions for our global customers.

Would you like to take the next step in your career and be part of our highly qualified team?

Are you ready to break new ground?

Job Title: Manager, Information Security

Experience: 7+ Years

Job Location: Hyderabad

Position Summary:

We are seeking a highly skilled and experienced Cyber Security Manager to join our dynamic team. The ideal candidate will be responsible for leading and managing the organization's cyber security efforts, ensuring the protection of our systems, networks, and data from security breaches and threats. The Cyber Security Manager will work closely with internal teams, external vendors, and senior management to develop and implement effective security strategies, policies, and procedures.

Key Responsibilities

Cyber Security Strategy & Governance:

• Develop, implement, and manage a comprehensive cyber security strategy to safeguard company assets, networks, and systems.
• Collaborate with senior management to define and communicate security goals and priorities across the organization.
• Establish and enforce security policies, standards, and best practices to ensure regulatory compliance and risk mitigation.
• Conduct risk assessments and threat modeling to identify vulnerabilities and potential security risks.

Incident Response & Threat Management:

• Lead and manage the response to security incidents, including cyberattacks, data breaches, and system vulnerabilities.
• Oversee the investigation of security incidents, including the identification of root causes, coordination with stakeholders, and implementation of corrective actions.
• Work closely with other teams (e.g., IT, legal, Support functions) to ensure a timely and effective response to incidents.

Team Leadership & Development:

• Manage and mentor a team of cyber security professionals, providing guidance and support in their day-to-day work and professional development.
• Foster a culture of continuous learning within the cyber security team by staying up-to-date with the latest security trends, technologies, and best practices.
• Conduct performance reviews, set goals, and provide feedback to improve team effectiveness and efficiency.

Security Architecture & Technology:

• Lead the design, implementation, and management of secure network architectures and infrastructures.
• Collaborate with the IT department to integrate security controls into all IT systems and applications.
• Evaluate and recommend cyber security tools, technologies, and solutions to strengthen the organization's defense posture.

Compliance & Regulatory Requirements:

• Ensure that all security policies and procedures comply with relevant legal, regulatory, and industry standards (e.g., GDPR, NIST, ISO 27001 & DPDP Act).
• Assist with internal & external audits and assessments, ensuring the organization meets compliance requirements and addresses any findings or gaps.

Continuous Improvement & Reporting:

• Develop and maintain security metrics and reporting mechanisms to track the effectiveness of security programs and controls.
• Provide regular reports to senior management and stakeholders on the security posture of the organization, highlighting key risks, incidents, and improvements.
• Continuously evaluate emerging security threats and trends, adapting strategies and processes as needed.

Qualifications:

• Bachelor’s degree in Computer Science/Information Security, or related field (or equivalent work experience).
• 7+ years of experience in cyber security, with at least 2 years in a managerial or leadership role.
• Strong understanding of information security concepts, risk management, and threat landscape.
• Hands-on experience with security technologies such as firewalls, intrusion detection/prevention systems, encryption, endpoint protection, and identity management.
• Knowledge of industry standards and frameworks (e.g., NIST, ISO 27001, CIS, OWASP).
• Strong communication skills, with the ability to explain technical concepts to non-technical stakeholders.
• Experience with regulatory compliance requirements (e.g., GDPR, SOC 2, DPDPA).
• Either of Certifications such as CISSP/CISM is mandatory.
• Certifications preferred ISO27001:2022 LA/LI
• Good to have experience in QMS & CMMI

Key Skills:

• Cybersecurity risk management
• Incident response and crisis management
• Security architecture and design
• Threat hunting and vulnerability management
• Security policy and governance
• Compliance and regulatory knowledge
• Leadership and team management
• Communication and stakeholder management

Job Description: Information Security Manager

Role Details

Position: Information Security Manager

Location : Bangalore

About SCRUT Automat

Scrut Automation is a one-stop shop for infosec compliance. It supports IT/ITES/SaaS companies in automating their information security compliance tasks and reduces manual work in maintaining compliance by ~70%. Founded by IIT/ISB/McKinsey alumni, the founding team has over 15 years of combined Infosec experience. Scrut is backed by Lightspeed Ventures and Endiya Partners, along with prominent angels from the global SaaS community.

The Scrut platform provides the fastest solution for achieving and maintaining compliance across global standards, including but not limited to SOC 2, ISO 27001, GDPR, HIPAA, PCI-DSS, or CCPA, through its truly 'single window' operations. Scrut acts like an organization’s virtual CISO, so they can focus on their business and leave compliance to Scrut.

Overview of the Job Profile

This position is responsible for establishing and maintaining a corporate-wide information security management program to ensure that information assets are adequately protected.

Responsibilities

• Understanding the Policies and Procedures of the Client and suggesting improvement points related to Information Security.
• Understanding the setup of the Cloud Infrastructure of Clients and suggesting improvement points related to Information Security.
• Preparation of Policies and Procedures for Information Security.
• Impart training on Information Security.
• Performing Infosec Internal Audits covering all departments as per ISO 2700,SOC 2/GDPR requirements.

Requirements

• Degree in Engineering (Computer Science/IT) /MCA/ Business administration in a technology-related field required.
• Minimum of 3-5 years of experience in Information security, Governance, Risk and Compliance
• Understanding of Unified/Secure Controls Framework.
• Exposure to one or more infosec audits and implementation like ISO 27001/SOC 2/GDPR/PCI DSS isa must.
• Exposure to one or more privacy audits and implementation like ISO 27701/GDPR is a must.
• Professional security management certification (Like ISO 27001 Lead Auditor / Lead Implementer Certification or CISA or CISSP) will be an added advantage.
• Knowledge of security controls of AWS / Microsoft Azure / GCP will be an added advantage.
• Excellent written and verbal communication skills and a high level of personal integrity.
• Innovative thinking and leadership with an ability to lead and motivate cross-functional, inter disciplinary teams.
• Regulatory Compliance like SAR-DL, PPI, PAPG, RBI Master Guidelines, IRDA related requirements.
• Knowledge on ISO 42001 would be an added advantage.

Why should this job excite you?

• Opportunity to make an early impact on one of the most promising, high-growth SaaS startups in India.
• A high-performing action-oriented team.
• Opportunity to shape the future of B2B SaaS with YOUR innovative ideas.
• The competitive compensation package, benefits, and employee-friendly work culture.

• Experience in developing annual plans for ISMS audits and Business Continuity Planning (BCP)
• Responsible for conducting internal, external, and security audits
• Accountable for managing all aspects of security compliance
• Coordinate security-related activities with functional and project teams
• Proficient in managing delivery teams for compliance audits aligned with the SDLC lifecycle
• Schedule and oversee ISMS monitoring activities at defined intervals
• Lead execution of ISMS plans, including monthly reviews and Management Review Meetings
• Skilled in supporting customer security assessments, RFPs, and third-party risk evaluations
• Capable of reviewing Master Service Agreements (MSA), Information Security Agreements, and Data Protection Agreements with respect to ISMS viewpoint
• Responsible for disseminating information security awareness communications
• Oversee risk management and business continuity management processes
• Identify gaps and drive continuous improvement initiatives
• Review & update of ISMS policies and procedures
• Coordinate with vendors to plan and execute annual external audits
• Understand procurement workflows and manage purchase orders
• Experienced in creating and maintaining ISMS documentation
• Knowledge on ISO 27001:2022, SOC II Type 2 Standards and SDLC lifecycle

We want to shape the future with vision and innovation. Be part of it and develop your full potential!

As part of the global NTT DATA Group, one of the most successful IT service providers in the world, we specialize in value-added SAP solutions as NTT DATA Business Solutions. With over 16,000 employees in more than 30 countries, we design, implement, and develop custom-fit SAP solutions for our global customers.

Would you like to take the next step in your career and be part of our highly qualified team?

Are you ready to break new ground?

Job Title: Manager, Information Security
Experience: 7+ Years
Job Location: Hyderabad

Position Summary:
We are seeking a highly skilled and experienced Cyber Security Manager to join our dynamic team. The ideal candidate will be responsible for leading and managing the organization's cyber security efforts, ensuring the protection of our systems, networks, and data from security breaches and threats. The Cyber Security Manager will work closely with internal teams, external vendors, and senior management to develop and implement effective security strategies, policies, and procedures.

Key Responsibilities

Cyber Security Strategy & Governance:
Develop, implement, and manage a comprehensive cyber security strategy to safeguard company assets, networks, and systems.
Collaborate with senior management to define and communicate security goals and priorities across the organization.
Establish and enforce security policies, standards, and best practices to ensure regulatory compliance and risk mitigation.
Conduct risk assessments and threat modeling to identify vulnerabilities and potential security risks.

Incident Response & Threat Management:
Lead and manage the response to security incidents, including cyberattacks, data breaches, and system vulnerabilities.
Oversee the investigation of security incidents, including the identification of root causes, coordination with stakeholders, and implementation of corrective actions.
Work closely with other teams (e.g., IT, legal, Support functions) to ensure a timely and effective response to incidents.

Team Leadership & Development:
Manage and mentor a team of cyber security professionals, providing guidance and support in their day-to-day work and professional development.
Foster a culture of continuous learning within the cyber security team by staying up-to-date with the latest security trends, technologies, and best practices.
Conduct performance reviews, set goals, and provide feedback to improve team effectiveness and efficiency.

Security Architecture & Technology:
Lead the design, implementation, and management of secure network architectures and infrastructures.
Collaborate with the IT department to integrate security controls into all IT systems and applications.
Evaluate and recommend cyber security tools, technologies, and solutions to strengthen the organization's defense posture.

Compliance & Regulatory Requirements:
Ensure that all security policies and procedures comply with relevant legal, regulatory, and industry standards (e.g., GDPR, NIST, ISO 27001 & DPDP Act).
Assist with internal & external audits and assessments, ensuring the organization meets compliance requirements and addresses any findings or gaps.

Continuous Improvement & Reporting:
Develop and maintain security metrics and reporting mechanisms to track the effectiveness of security programs and controls.
Provide regular reports to senior management and stakeholders on the security posture of the organization, highlighting key risks, incidents, and improvements.
Continuously evaluate emerging security threats and trends, adapting strategies and processes as needed.

Qualifications:

Bachelor’s degree in Computer Science/Information Security, or related field (or equivalent work experience).
7+ years of experience in cyber security, with at least 2 years in a managerial or leadership role.
Strong understanding of information security concepts, risk management, and threat landscape.
Hands-on experience with security technologies such as firewalls, intrusion detection/prevention systems, encryption, endpoint protection, and identity management.
Knowledge of industry standards and frameworks (e.g., NIST, ISO 27001, CIS, OWASP).
Strong communication skills, with the ability to explain technical concepts to non-technical stakeholders.
Experience with regulatory compliance requirements (e.g., GDPR, SOC 2, DPDPA).
Either of Certifications such as CISSP/CISM is mandatory.
Certifications preferred ISO27001:2022 LA/LI
Good to have experience in QMS & CMMI

Key Skills:
Cybersecurity risk management
Incident response and crisis management
Security architecture and design
Threat hunting and vulnerability management
Security policy and governance
Compliance and regulatory knowledge
Leadership and team management
Communication and stakeholder management

Experience in developing annual plans for ISMS audits and Business Continuity Planning (BCP)
Responsible for conducting internal, external, and security audits
Accountable for managing all aspects of security compliance
Coordinate security-related activities with functional and project teams
Proficient in managing delivery teams for compliance audits aligned with the SDLC lifecycle
Schedule and oversee ISMS monitoring activities at defined intervals
Lead execution of ISMS plans, including monthly reviews and Management Review Meetings
Skilled in supporting customer security assessments, RFPs, and third-party risk evaluations
Capable of reviewing Master Service Agreements (MSA), Information Security Agreements, and Data Protection Agreements with respect to ISMS viewpoint
Responsible for disseminating information security awareness communications
Oversee risk management and business continuity management processes
Identify gaps and drive continuous improvement initiatives
Review & update of ISMS policies and procedures
Coordinate with vendors to plan and execute annual external audits
Understand procurement workflows and manage purchase orders
Experienced in creating and maintaining ISMS documentation
Knowledge on ISO 27001:2022, SOC II Type 2 Standards and SDLC lifecycle

Job Description: Information Security Manager

Role Details
Position: Information Security Manager
Location : Bangalore

About SCRUT Automat
Scrut Automation is a one-stop shop for infosec compliance. It supports IT/ITES/SaaS companies in automating their information security compliance tasks and reduces manual work in maintaining compliance by ~70%. Founded by IIT/ISB/McKinsey alumni, the founding team has over 15 years of combined Infosec experience. Scrut is backed by Lightspeed Ventures and Endiya Partners, along with prominent angels from the global SaaS community.

The Scrut platform provides the fastest solution for achieving and maintaining compliance across global standards, including but not limited to SOC 2, ISO 27001, GDPR, HIPAA, PCI-DSS, or CCPA, through its truly 'single window' operations. Scrut acts like an organization’s virtual CISO, so they can focus on their business and leave compliance to Scrut.

Overview of the Job Profile
This position is responsible for establishing and maintaining a corporate-wide information security management program to ensure that information assets are adequately protected.

Responsibilities
Understanding the Policies and Procedures of the Client and suggesting improvement points related to Information Security.
Understanding the setup of the Cloud Infrastructure of Clients and suggesting improvement points related to Information Security.
Preparation of Policies and Procedures for Information Security.
Impart training on Information Security.
Performing Infosec Internal Audits covering all departments as per ISO 2700,SOC 2/GDPR requirements.

Requirements
Degree in Engineering (Computer Science/IT) /MCA/ Business administration in a technology-related field required.
Minimum of 3-5 years of experience in Information security, Governance, Risk and Compliance
Understanding of Unified/Secure Controls Framework.
Exposure to one or more infosec audits and implementation like ISO 27001/SOC 2/GDPR/PCI DSS isa must.
Exposure to one or more privacy audits and implementation like ISO 27701/GDPR is a must.
Professional security management certification (Like ISO 27001 Lead Auditor / Lead Implementer Certification or CISA or CISSP) will be an added advantage.
Knowledge of security controls of AWS / Microsoft Azure / GCP will be an added advantage.
Excellent written and verbal communication skills and a high level of personal integrity.
Innovative thinking and leadership with an ability to lead and motivate cross-functional, inter disciplinary teams.
Regulatory Compliance like SAR-DL, PPI, PAPG, RBI Master Guidelines, IRDA related requirements.
Knowledge on ISO 42001 would be an added advantage.

Why should this job excite you?
Opportunity to make an early impact on one of the most promising, high-growth SaaS startups in India.
A high-performing action-oriented team.
Opportunity to shape the future of B2B SaaS with YOUR innovative ideas.
The competitive compensation package, benefits, and employee-friendly work culture.

Educational Qualifications: Certifications: Professional certifications such as Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certified Internal Auditor (CIA), or other relevant certifications are often required or preferred.

Technical Skills: Audit and Compliance: Strong understanding of IT audit methodologies, control frameworks, and compliance standards (e.g., COBIT, ISO 27001, NIST, PCI DSS).

Risk Assessment: Ability to conduct risk assessments and identify potential risks and vulnerabilities in IT systems and processes.

Security Knowledge: In-depth knowledge of information security principles, practices, and technologies, including network security, application security, and data security.

IT Governance: Understanding of IT governance frameworks and practices to ensure that IT aligns with business objectives.

Data Analysis: Proficiency in using data analysis tools and techniques to analyze large datasets and identify patterns or anomalies.

Audit Tools: Familiarity with audit tools and software commonly used in IT audit processes.

IT Systems Knowledge: Understanding of various IT systems, cloud platforms (AWS, GCP, Azure), and technologies, including operating systems, databases, and network infrastructure.

Experience: 3 years Audit Experience: Previous experience in IT auditing, either as an internal or external auditor, is often required.

Industry Knowledge: Familiarity with the financial services/FinTech industry or sector in which the organization operates is beneficial.

Soft Skills: Communication Skills: Strong verbal and written communication skills to effectively communicate audit findings and recommendations to both technical and non-technical stakeholders.

Analytical Skills: Strong analytical and problem-solving skills to assess complex IT systems and processes.

Attention to Detail: Meticulous attention to detail to identify and document potential risks and weaknesses.

Teamwork: Ability to work collaboratively with cross-functional teams, including IT professionals, business units, and management.

Ethical Conduct: High ethical standards and integrity to maintain confidentiality and objectivity in the audit process.

Adaptability: Ability to adapt to evolving technologies, regulations, and business environments.

Professional Development: Demonstrated commitment to ongoing professional development and staying updated on industry trends and best practices.

Keep in mind that these specifications may vary depending on the organization's specific needs and the complexity of its IT environment.

Thank you in advance for providing all required information!

Powered by JazzHR