Senior Manager Information Security

Job Summary:-

The Senior Manager – Information Security will spearhead the development and execution of

a comprehensive information security strategy that supports the organization's business

objectives and regulatory requirements. This role requires a strategic leader with deep

technical expertise and proven experience managing enterprise security programs, risk

management, and compliance initiatives.

Key Responsibilities:-

Strategic Security Leadership

 Develop and implement a comprehensive information security strategy aligned with

the company's goals and industry best practices.

 Collaborate with executive leadership and business units to embed security principles

into business processes and projects.

 Provide leadership and mentorship to the information security team, fostering a

culture of continuous improvement and proactive risk management.

Security Operations & Incident Management

 Oversee ongoing security monitoring, threat intelligence, incident detection, and

response activities to protect organizational assets.

 Lead investigation and resolution of security incidents, coordinating cross-functional

efforts to mitigate risks and remediate vulnerabilities.

 Manage vulnerability management programs, ensuring timely identification and

mitigation of security gaps.

Policy, Framework & Compliance

 Maintain and evolve the company's information security framework, policies,

standards, and procedures to meet regulatory and compliance requirements (e.g.,

GDPR, HIPAA, ISO

 Ensure compliance with internal and external audit requirements and coordinate

security-related audits and assessments.

 Drive governance processes to enforce adherence to security policies across the

organization.

Security Technology Management

 Oversee configuration, deployment, and administration of critical security

infrastructure including SIEM, firewalls, Endpoint Detection and Response (EDR),

antivirus (AV), Web Application Firewalls (WAF), and related security tools.

 Lead network security initiatives including segmentation, VPN setup, domain

policies, and secure access controls to safeguard the organization's network

environment.

Disaster Recovery & Business Continuity

 Develop, maintain, and regularly test disaster recovery and business continuity plans

to ensure organizational resilience.

 Conduct regular drills and tabletop exercises, working closely with IT and business

teams to validate readiness.

Security Awareness & Training

 Lead the design and implementation of security awareness programs to educate

employees on cybersecurity risks, policies, and best practices.

 Promote a security-conscious culture through ongoing communication and training

initiatives.

Qualifications:-

 Bachelor's degree in Computer Science, Information Technology, or a related

discipline.

 10 to 12 years of progressive experience in information security, including at least 5

years in a leadership or managerial role.

 Professional certifications such as CEH, CISSP, CISA, or CISM are mandatory.

 Extensive hands-on experience with security technologies such as SIEM, firewalls,

EDR, AV, WAF, VPN, and network segmentation.

 Proven expertise in incident response, vulnerability management, risk assessments,

and compliance frameworks (ISO 27001, NIST, GDPR, etc.).

 Strong understanding of disaster recovery, business continuity planning, and testing

methodologies.

 Excellent leadership, communication, and stakeholder management skills, with the

ability to influence at all levels of the organization.

Preferred Skills:-

 Experience in cloud security and managing hybrid IT environments.

 Knowledge of emerging cybersecurity threats and mitigation techniques.

 Ability to develop and deliver executive-level reports and presentations.

 Strong project management skills and experience working with cross-functional

teams.