Information Security

Job Description Company Description Dairy Day is one of India's largest ice cream brands. Over the last 22+ years, we have built a formidable presence across South & West India and are continuously expanding across the country, selling to over 60,000+ retailers. Dairy Day manufactures and supplies products across a variety of cups, cones, sticks, tubs, and other special packaging with over 30+ flavors. The company has state-of-the-art manufacturing facilities in Karnataka with a production capacity of 3 Lakh liters/day. Role Summary The Information Security and Controls Lead will be responsible for designing, implementing, and managing Dairy Day's IT security and controls framework across manufacturing plants, depots, and corporate functions. This role will ensure robust cybersecurity, IT General Controls (ITGC) compliance, and governance over critical business systems including SAP, infrastructure, and cloud environments. The position will also drive continuous improvement in the company's security posture, compliance readiness, and risk management in alignment with ISO 27000, NIST, and relevant industry standards. ROLE AND RESPONSIBILITIES Design and maintain a comprehensive IT Security and Controls Framework suitable for a distributed manufacturing and FMCG environment, covering all key security & controls areas Define and periodically update security policies, procedures, and standards covering plants, depots, and head office systems. Embed ITGCs and security controls across SAP, network, server, end-user, and application landscapes. Establish governance mechanisms to monitor and report on control compliance and effectiveness. Collaborate with infrastructure & application partners to ensure timely patching, configuration hardening, and secure access to systems. Ensure endpoint, server, and network security controls are effectively implemented across manufacturing sites, warehouses, and remote locations. Coordinate evidence collection, remediation, and closure of audit findings for ITGC's for internal and external audits. Maintain audit readiness for statutory, internal, and compliance requirements. Develop a IT risk management framework, Conduct IT risk assessments and develop mitigation plans for identified security and control gaps. Provide regular reports and dashboards to leadership on IT risk, control maturity, and cybersecurity posture. Drive initiatives to automate control monitoring, improve audit efficiency, and strengthen security operations maturity. Lead Information Security and Controls awareness & training programs for employees, plant personnel, and IT teams. Stay current on emerging threats, vulnerabilities, and industry practices relevant to manufacturing and FMCG sectors QUALIFICATIONS AND EDUCATION REQUIREMENT Bachelor's degree in IT, Computer Science, or a related field. Good to have relevant industry certifications such as CISA, CISM, CISSP, ISO 27001, and others (as relevant) At least 8-10 years of working experience in domains related to Information Security & IT General Controls and with a very strong security & controls mindset. Experience in area of IT Audits, Compliance and Risk Management in IT/FMCG Industry Excellent Knowledge of Cyber Security, risks, threats in infrastructure, network, Cloud, Application and Data Centre Technologies Experience of various security solutions such as Firewall / IDS/ IPS / NAC / Email Security/CASB / EDR / WAF / AV / DLP / ATP / PIM / PAM / DAM / SIEM etc. Good understanding of Security technologies for private and public cloud Thorough Knowledge of IT and Security processes implementation and compliances Knowledge of information and network security principles, with a major focus on information, network & application security risks and impact. Good understanding of security frameworks, standards such as ITGC Control, ISO 27001, NIST, CIS etc. Max CTC for this position will be 25-30 LPA Interested Candidates can share your CV on - [Confidential Information]