We are hiring on behalf of our client, a leading commerce market platform company based in Noida.
Role: Information Security Manager
Qualifications:
- Master's degree in Cyber Law and Information Security
Experience:
- 2-5 years of domain experience, preferably from the banking industry in a similar profile
Base Location:
About the Role:
An Information Security Manager is responsible for developing and administering risk policies and procedures for an organization, ensuring that the systems are secure and not breached.
Responsibilities:
- Develop, establish, and implement policies and frameworks for IT security and risk management.
- Define and enforce data privacy, data classification, and data security policies and requirements. Collaborate with the IT team to build roadmaps for achieving ISO 27001, RBI Governance advisories, Indian data bill compliance, and GDPR compliance.
- Analyze financial data safety and security threats that the company or organization may face.
- Perform risk evaluation by comparing potential risks with company-defined criteria, including cost, data, environmental issues, and regulatory requirements, and assess the company’s previous risk management.
- Manage all applicable risk factors, such as the possibility of system failure or data loss.
- Develop strategies and execute Vulnerability Assessment and Penetration Testing (VAPT) for all systems at least once a year, along with vendors as needed.
- Ensure compliance with all relevant regulations and standards, including GDPR.
- Collaborate with business stakeholders, product, and tech teams to define access control based on the principle of minimum privileges.