Manager- Information Security

Original Post

**Role:** Manager \_ Information Security **Total Experience:** 12\-14 Years Industry Experience **Relevant Experience: 8** Years **Qualification:** Any Graduate. **Location:** Pune, India **Profile:** We are looking for an experienced **Manager – Information Security** to lead our organization’s security governance, compliance, and risk management initiatives. This role requires a strong blend of **hands\-on audit experience, security program leadership, and stakeholder management** across enterprise IT and cloud environments. Ability to manage and oversee compliance initiatives, audits, and IT security governance frameworks. ***Skill Required:*** * + **Strategic Planning:** Develop, implement \& monitor an information security program to ensure that the integrity, confidentiality and availability of information is owned, controlled and processed by the organization. + **Policy Development:** Creating and enforcing security policies, protocols, and procedures. + **Risk Management:** Conducting security audits, vulnerability assessments, and penetration testing to identify risks. + **Audit Leadership:** Coordinate internal and external security audits, managing the remediation of any identified gaps**.** + **Compliance \& Audit:** Ensuring compliance with legal, regulatory, and industry standards (ISO 27001, ISO 20001, ISO9001, SSAE 18 SOC1 \& SOC2, GDPR, HITRUST). **Exposure to tools and systems:** * + Vulnerability Management Tools eg : Qualys, Nessus,Teneable. + Application Security Tools: Burp Suite ,AppScan + Endpoint \& Security Tools: crowdstrike . SentielOne + Cloud \& Security Platforms: AWS Security Services, Azure Security Center , GCP (basic exposure) + **IT Collaboration: Partner with IT and engineering teams to embed security into the system architecture and software development lifecycle.** + Ensuring Design effectiveness and operational effectiveness of all IT and business Processes. + Identify cost effective right security tool and smooth rollout to across organization. + Negotiation with vendor for cost optimization. + **Incident Response:** Lead the security incident response program, ensuring technical teams are prepared to detect and contain threats. + **Team Leadership:** Training and leading security analysts to monitor for potential threats. + Annual Data Protection \& Privacy Compliance review. + Conduct a Risk Assessment on newly introduced project. + Ensuring compliance of Onboarding Offboarding, Physical Security, Desktop Management, Server Management (On Premises/ Cloud), Network Management, Application security, Website security, VA PT, hardening, SOC, Access management, BCP, Incident, Change, Problem and capacity management processes. + Ensure frequency\-based controls are executed on time (e.g. Log Review, User Access Review, Firewall Rule Review, VAPT, infosec training, Background verification etc.) + Sharing monthly Security Deck and presentation to senior Management + Ensuring Inventory completeness on Laptop, Server, Network devices, Antivirus Report, Patch Report, Encryption report, Vulnerability Assessment, Hardening, Penetration Testing and Health Monitoring tool. + Reviewing Risk Register, Security Incident \& Issue tracker. + Responding Client’s Vendor Risk Assessment Questionnaire. **Personal Skills****:** * + Currently working in a **Lead role** within **Information Security Governance and Compliance**, with a strong focus on **IT Security**. + Strong **communication skills** with the ability to present findings and recommendations effectively. + Excellent **analytical thinking** and **decision\-making** abilities. + Ability to manage and oversee compliance initiatives, audits, and IT security governance frameworks. + Strong attention to detail with a proactive and solution\-oriented mindset. + Proficient in **Advanced Excel** and **PowerPoint**; knowledge of **Power BI** and **Excel VB Macros** will be an added advantage. **About RIA Advisory:** RIA Advisory LLC (RIA) is a business advisory and technology company that specializes in the field of Revenue Management and Billing for Banking, Payments, Capital Markets, Exchanges, Utilities, Healthcare and Insurance industry verticals. With a highly experienced team in the field of Pricing, Billing \& Revenue Management, RIA prioritizes understanding client needs and industry best practices to approach any problem with insight and careful strategic planning. Each one of RIA Advisory’s Managing Partners have over 20 years of industry expertise and experience, our leadership and consulting team demonstrate our continued efficiency to serve our clients as a strategic partner especially for transforming ORMB and CC\&B space. Our operation are spread across US, UK, India, Philippines, Australia **• Services Offered:** • Business Process Advisory for Revenue management processes • Technology Consulting \& Implementation • Help clients transition to latest technology suite and overcome business problems. • Managed Services • Quality Assurance • Cloud Services