Information Security Manager

5 days ago

Bangalore North Rural Karnataka, India EmbarkGCC Full time ₹ 12,00,000 - ₹ 36,00,000 per year

Role: Information Security Manager

Base location: Bangalore, Chennai, Mumbai, Pune & Hyderabad

Key Responsibilities:

Security Architecture Review & Threat Modeling:

  • Conduct
    security architecture reviews
    for applications, cloud environments, and IT systems to identify risks.
  • Perform
    threat modeling (e.g., STRIDE, PASTA, MITRE ATT&CK, DREAD)
    to assess potential attack vectors and weaknesses.
  • Analyze
    authentication, encryption, and access control mechanisms
    within application and system architectures.
  • Review security controls against industry standards and organizational policies (e.g.,
    NIST, ISO 27001, OWASP, CIS Controls, TISAX
    ).
  • Provide
    secure design recommendations
    to mitigate identified risks.

Application & Cloud Security Assessment:

  • Assess
    web, mobile, and cloud-based applications
    for security risks and misconfigurations.
  • Evaluate
    API security, microservices architectures, and containerized environments
    for vulnerabilities.
  • Validate implementation of
    IAM, Zero Trust, network segmentation, and encryption standards
    .

Security Risk & Compliance Evaluation:

  • Identify
    security gaps in applications and infrastructure
    and recommend compensating controls.
  • Ensure compliance with
    GDPR, SOC 2, PCI-DSS, ISO 27001, TISAX, and other relevant security frameworks
    .

Collaboration & Reporting:

  • Create
    comprehensive reports
    detailing identified
    risks, mitigation strategies
    ,
    cloud specific controls
    ,
    data flow diagram, trust zones
    , and
    improvement recommendations.
  • Collaborate with stakeholders to develop and refine the
    enterprise security architecture and threat modeling strategies.

Requirements

Qualifications & Experience:

  • Bachelor's or Master's degree
    in Cybersecurity, Computer Science, Information Technology, or a related field.
  • Over 9
    Years of experience, including
    3+ years
    of experience in security architecture review, threat modeling, and risk assessment.
  • Strong expertise in
    threat modeling frameworks
    such as
    STRIDE, PASTA, MITRE ATT&CK, OWASP ASVS
    .
  • Knowledge of
    cloud security (AWS, Azure, GCP), API security, and microservices architecture
    .
  • Familiarity with
    IAM, Zero Trust, MFA, RBAC, PAM, and network security principles
    .
  • Experience in
    secure SDLC, DevSecOps, and security assessment
    .
  • Hands-on experience with
    security assessment tools
    (e.g., Microsoft Threat modeling, Microsoft Visio).
  • Understanding of
    penetration testing methodologies, security misconfigurations, and application security risks
    .

Preferred Certifications:

  • CISSP (Certified Information Systems Security Professional)
  • CSSLP (Certified Secure Software Lifecycle Professional)
  • CCSP (Certified Cloud Security Professional)
  • AWS/Azure Security Certifications
  • CEH (Certified Ethical Hacker) or OSCP (Offensive Security Certified Professional)

  • Information Security Manager

    2 days ago

    Bangalore, Karnataka, India EMBARKGCC SERVICES PRIVATE LIMITED Full time

    Role Information Security Manager Base location Bangalore Chennai Mumbai Pune Hyderabad Key Responsibilities Security Architecture Review Threat Modeling Conduct security architecture reviews for applications cloud environments and IT systems to identify risks Perform threat modeling e g STRIDE PASTA MITRE ATT CK DREAD to assess potential attack vectors and...

  • Lead Manager

    2 weeks ago

    Bangalore, Karnataka, India Infosys Full time

    Responsibilities 11 1 Risk Management 11 1 1 Lead the identification assessment analysis treatment and management of security risks across the organization and its subsidiaries 11 1 2 Facilitate smooth conduct of Risk Assessment on different levels and functional verticals of the organization and subsidiaries 11 1 3 Collaborate with cross-functional...

  • Information Security Snr Manager

    3 weeks ago

    Bangalore, Karnataka, India ORACLE Full time

    Given the breadth and complexity of the hundreds of products and services developed and provided by Oracle there are many vastly different attributes including education skills knowledge experience and abilities required for specific roles within this job code Consult with your manager about the specific expectations for your role and career...

  • Information Security Specialist

    7 hours ago

    Bangalore, Karnataka, India Epiroc Full time

    We are now looking for an experienced and qualified candidate with the main mission to work as Information Security Specialitst Mission To understand the threat landscape improve the effectiveness of Epiroc s Cybersecurity Program and protect business assets Identify Information Security risks and required mitigating activities Raising awareness and...

  • Security Engineer

    1 week ago

    north delhi, India TAC Security Full time

    Job description As a Security Engineer - VAPT, you will be responsible for conducting comprehensive security assessments, identifying vulnerabilities, and implementing effective remediation strategies. Leveraging your expertise in penetration testing and ethical hacking, you will play a key role in enhancing the security posture of our clients' systems and...

  • Information Security Manager

    2 weeks ago

    bangalore, India Mashreq Full time

    Job PurposeManagement:To Strategize, develop and implement Data Protection Controls in coordination with stakeholders across the Organization globally.To ensure compliance of the Organization with the defined policy & framework with a data driven approach ExecutionTo ensure that the protection operations are executed effectively in a timely manner and with...

  • Urgent Search: Information Security Manager

    2 weeks ago

    Bangalore, Karnataka, India Digantara Full time

    Digantara is a leading Space Surveillance and Intelligence company focused on ensuring orbital safety and sustainability With expertise in space-based detection tracking identification and monitoring Digantara provides comprehensive domain awareness across all regimes enabling end-users to gain actionable intelligence on a single platform At the core...

  • Information Security Lead Auditor

    1 week ago

    Bangalore, Karnataka, India Infosys Full time

    Responsibilities Information security standards ISO 27001 ISO 31000 risk management standards ISO 22301 CISA certified information systems auditor CISM CISSP CEH CIPP-E CIPP -US CCIE CCNA COBIT SOX SSAE18 CISM etc Advanced Networking principles software engineering principles information security principles Additional knowledge and domain...

  • Information Security Manager

    4 days ago

    bangalore district, India Mashreq Full time

    Job Purpose Management : To Strategize, develop and implement Data Protection Controls in coordination with stakeholders across the Organization globally. To ensure compliance of the Organization with the defined policy & framework with a data driven approach Execution To ensure that the protection operations are executed effectively in a timely manner and...

  • Engineer, Information Security

    4 weeks ago

    Bangalore, Karnataka, India Lowe's Full time

    About Lowe s Lowe s is a FORTUNE 100 home improvement company serving approximately 16 million customer transactions a week in the United States With total fiscal year 2024 sales of more than 83 billion Lowe s operates over 1 700 home improvement stores and employs approximately 300 000 associates Based in Mooresville N C Lowe s supports the...