Qureos

Manager - INFOSEC Compliance

Title: Manager – Information Security Compliance
Location: Ahmedabad
Exp: 5-7 Years

Educational Qualification:

Graduate/ postgraduate in Information security/ cyber security/ information technology/ computer science/ computer application

Professional Qualification:
  • Certified Information Security Manager (CISM) and ISO/ IEC 27001 Lead Implementer/ Auditor
  • Certification specific to data privacy will be an added advantage.

Job Description:
  • Lead and drive Information security/ cyber security and data privacy implementation projects/ assignments for clients.
  • Conduct cyber security maturity assessment with technical evaluation in a highly technical environment.
  • Perform risk assessment, business impact analysis (BIA), privacy impact assessment (PIA) and data protection impact assessment (DPIA) as per the client's organizational context.
  • Drive and enhance third party risk management program.
  • Lead and drive ISO/ IEC 27001 audit, SOC 2 Type 2 and other GRC framework/ standard/ regulation implementation/ assessment.
  • Manage client communication, including documentation of requirement gathering, scoping, and deliverables.
  • Lead, guide and mentor the team of GRC professionals.
  • Track project deliverables and provide status updates to the management on a periodic basis.

Experience:
  • Five to seven years of dedicated experience in the Governance, Risk and Compliance (GRC) domain, with hands-on experience in implementation and technical assessment of the requirements of standards/ frameworks/ regulations such as ISO/ IEC 27001, NIST, SOC 2, CERT-IN, RBI, SEBI, IRDAI in a highly technical environment.
  • Prior experience in a client-facing role at a consulting firm.
  • Proven experience in end-to-end implementation of GRC frameworks, development, and enforcement of policy/ strategy tailored to client needs.
  • Exposure to DPDPA, PDPL, GDPR, NCA-ECC (Essential Cybersecurity Controls) and NCA-CCC (Cloud Cybersecurity Controls) will be an added advantage.
  • Deep working knowledge of security solutions, technology platforms and controls such as identity and access management including privileged identity/ access management, Active Directory services, SIEM-SOAR, EDR/ XDR, cloud security, firewalls, IPS/ IDS, WAF, DDoS, data leakage prevention, mobile device management (MDM), virtualization.
  • Deep working knowledge of Incident Management, Patch Management, VA/ PT, Change Management, Configuration Management.
  • Ability to validate effectiveness of implemented controls.
  • Candidates with an IT security background, the above-mentioned experience, and exposure to managing and monitoring compliance dashboards and posture through GRC tools will be preferred.

Desired attributes
  • Proven stakeholder management skills.
  • Excellent communication and presentation skills with the ability to articulate technical matters effectively to technical, non-technical and leadership audiences.
