Information Security Manager

Job Description : Responsibilities : - Develop and implement a comprehensive IT security strategy aligned with business objectives and regulatory requirements. - Establish and maintain security policies, standards, and procedures. - Lead the development and implementation of security awareness training programs. - Conduct regular security risk assessments and vulnerability analyses. - Ensure compliance with relevant security frameworks and regulations (e., ISO 27001, NIST, GDPR, HIPAA). - Manage security operations, including intrusion detection, vulnerability scanning, and security monitoring. - Lead incident response efforts, including investigation, containment, eradication, and recovery. - Develop and maintain incident response plans and playbooks. - Conduct post-incident reviews and implement corrective actions. - Design and implement security architectures and solutions to protect systems and data. - Evaluate and recommend security technologies and tools. - Manage and maintain security infrastructure, including firewalls, intrusion detection/prevention systems, and security information and event management (SIEM) systems. - Conduct security reviews of new and existing systems and applications. - Manage vulnerability scanning and penetration testing programs. - Analyze vulnerability reports and prioritize remediation efforts. - Track and report on vulnerability remediation progress. - Coordinate external penetration testing engagements. - Implement and manage access control policies and procedures. - Manage identity and access management (IAM) systems. - Ensure proper provisioning and de-provisioning of user accounts. - Implement multi-factor authentication (MFA) and privileged access management (PAM) solutions. - Implement data loss prevention (DLP) strategies and technologies. - Ensure data encryption and protection at rest and in transit. - Manage data privacy compliance efforts. - Conduct data security audits and assessments. - Lead and mentor a team of security professionals. - Assign tasks and monitor team performance. - Conduct performance reviews and provide feedback. - Foster a culture of security awareness and continuous improvement. - Manage relationships with security vendors and service providers. - Evaluate and select security vendors based on performance and cost. - Negotiate and manage security contracts. - Contribute to the development and implementation of business continuity and disaster recovery plans. - Conduct regular testing of business continuity and disaster recovery plans. Required Skills & Experience : - 5 years of experience in IT security, with a focus on security management. - Strong understanding of security principles, technologies, and best practices. - Experience with security frameworks and regulations (ISO 27001, NIST, GDPR, HIPAA). - Experience with security tools and technologies (firewalls, IDS/IPS, SIEM, vulnerability scanners, etc. - Experience with incident response and security operations. - Knowledge of network security, application security, and data security. - Excellent communication, presentation, and interpersonal skills. - Strong leadership and team management skills. - Relevant security certifications (CISSP, CISM, CISA). Preferred Skills & Experience : - Experience with cloud security (AWS, Azure, GCP). - Experience with DevSecOps practices. - Experience with penetration testing and ethical hacking. - Experience with security automation and orchestration. - Experience with threat intelligence platforms. - Experience with risk management frameworks (ref:hirist.tech)

Location: thane, IN

Posted Date: 3/26/2025