Urgent: Senior Manager Information Security

Job Description We are looking for Immediate Joiners Job Mode: Work from Office (5days) Location: Pune About Us: Solytics Partners is a Global Analytics firm, recognized with multiple industry awards for innovation and excellence. Our team comprises experts with deep domain knowledge in risk, analytics, AI/ML, AML/FCC, and fraud. By converging this expertise with cutting-edge technologies like AI, Machine Learning, Generative AI, and Large Language Models (LLMs), we deliver powerful automated platforms and incisive point solutions. Our offerings enable clients to streamline and future-proof their risk, AML, and analytics processes, comply seamlessly with global regulations, and safeguard financial systems. Whether it's solving complex challenges or driving operational efficiency, Solytics Partners is committed to empowering organizations with transformative tools to stay ahead in an evolving regulatory landscape. Job Summary: The Senior Manager of Information Security at Solytics Partners will be responsible for developing, implementing, and managing the company's information security strategy to protect its data and technology assets. This role requires a strategic thinker with a deep understanding of Information security/cybersecurity, risk management, and compliance. The successful candidate will lead the InfoSec function, work closely with other departments, and ensure that security policies and practices are aligned with organizational goals and industry/regulatory standards. This role is crucial in protecting our organization from cyber threats, ensuring compliance with relevant regulations, and fostering a culture of security awareness across all levels of the organization. The ideal candidate will have a deep understanding of the information security landscape, strong leadership capabilities, and a proven track record in implementing robust security frameworks. Key Responsibilities: Information Security Strategy Develop and execute a comprehensive information security strategy. aligned with Solytics Partners business objectives. Provide expert advice to the executive team on cybersecurity threats, vulnerabilities, and emerging trends. Establish and maintain security policies, standards, and guidelines to protect the confidentiality, integrity, and availability of company data. Provide strategic direction on security initiatives and ensure they are integrated with overall IT and business strategies. Risk Management and Compliance Identify, assess, and prioritize security risks across the organization, and develop mitigation strategies to address these risks. Ensure compliance with industry regulations, standards, and best practices, including GDPR, CCPA, ISO 27001, and others as applicable. Oversee internal and external security audits, vulnerability assessments, and penetration testing to identify and remediate security weaknesses. Security Operations Lead the implementation and management of security technologies and solutions, including firewalls, spam/malware protection, intrusion detection systems, encryption, and endpoint protection Monitor and respond to security incidents, ensuring timely and effective resolution. Develop and maintain incident response plans and lead the organization's response to security breaches and other emergency situations. Security Architecture and Engineering Collaborate with the technology team to design and implement secure network, application, and cloud architectures. Evaluate and recommend new security technologies and tools to enhance the company's security posture. Oversee the secure development lifecycle, ensuring that security is embedded in every phase of product development. Stakeholder Engagement and Reporting Communicate security risks, incidents, and strategies to the executive team, Board of Directors, and other stakeholders. Prepare and deliver regular reports on the state of the company's information security to senior leadership. Engage with customers, partners, and regulatory bodies to address security concerns and demonstrate the company's commitment to data protection. Team Leadership and Development Build and lead a high-performing information security team, providing mentorship, guidance, and professional development opportunities. Foster a culture of security awareness across the organization through training, communication, and advocacy. Collaborate with IT, DevOps, and other teams to integrate security best practices into all aspects of the business. Requirements Proven experience in cybersecurity and information security management, with a strong understanding of IT security principles and practices. In-depth expertise with Microsoft security tools, including Microsoft Sentinel, Intune. Purview, Defender, Entra ID, and Microsoft Exchange. Comprehensive knowledge of ISO 27001 standards, with hands-on experience in ISO audits and managing compliance with industry standards. Hands-on SOC 2 Type 2 experience in scoping, implementing controls, audit evidence preparation, auditor coordination, and ongoing compliance. Demonstrated ability to lead the implementation of security controls and policies, ensuring alignment with organizational and regulatory requirements. Proficiency in managing SIEM tools such as Splunk, Azure Sentinel, or QRadar for advanced threat detection and response. Experience overseeing Security Operations Center (SOC) processes, including incident response and threat monitoring to mitigate security risks effectively. Expertise in email security strategies and anti-phishing measures, with a focus on safeguarding organizational communication channels. Strong background in endpoint security management, including Microsoft Defender for protecting enterprise devices. Skilled in firewall management and network security protocols to ensure network integrity and prevent unauthorized access. Strategic thinker with the ability to assess security risks, develop mitigation plans, and ensure the organization's information assets remain secure. Excellent leadership and communication skills, with experience in mentoring security teams, fostering a culture of security awareness, and working closely with key stakeholders to manage cybersecurity initiatives effectively.