Infosec Manager – TeamLease Services (HRTech)

Location: Bengaluru
Experience: 5+ Years
Type: Full Time
Department: Technology

Roles and Responsibilities:

  • Implementing policies and procedures to keep the organization in compliance with
    current legislation and standards.
  • Providing employees with security training. It is critical that all employees understand
    how their everyday job actions affect the overall security of the company. Training staff
    on defined policies and procedures on an ongoing basis.
  • Facilitate to take corrective and preventive action if an employee breaks the policies or
    procedures. Understanding the security threats connected with various job functions is
    part of this.
  • Collaborate with employees to understand how the policies affect their regular work
    activities.
  • Keeping the infrastructure secure by supervising the IT auditing procedure (e.g.,
    penetration testing, vulnerability assessments, etc.). You will also be in charge of
    assessing all audit results and making necessary infrastructure adjustments.
  • Ensuring that the company’s data is protected using the most secure technologies
    available. This means you’ll have to keep up with new threats, vulnerabilities, and exploits
    as they emerge.
  • Be aware of any potential harm the new threats may have on your network infrastructure
    and existing security procedures.
  • Maintaining the security of all applications, networks, and systems that interact with the
    outside world. This involves ensuring that all third-party service providers are held to the
    same security standards as the internal users.
  • Serving as a point of contact for high-risk vulnerabilities and occurrences. This includes
    assessing the risk associated with new threats, vulnerabilities, and exploits before
    deciding how to respond to them. You must also be able to make decisions about when
    to tell senior management about emerging threats and their possible impact on your
    organization’s infrastructure.
  • Lead on compliance reviews, certifications and accreditations (e.g. ISO27001, Cyber
    Essentials, DPDP Act etc.).
  • Implement effective and appropriate GRC controls and measures to protect systems and
    data.
  • Identify, communicate and manage current and emerging security threats with relevant
    stakeholders.
  • Develop Information security compliance frameworks, security policies and procedures,
    where necessary.
  • Work with business, internal IT and 3rd party vendor teams to promote and adopt
    security best practices.
  • Validate IT infrastructure and other reference architectures for security best practices
    and recommend changes to enhance security and reduce risks, where applicable.
  • Work with Global Information Security Team, Security partners, Managed Security
    Service Provider (MSSP) to conduct and review regular security assessments (Pen tests,
    Vulnerability scans etc) of vendors and solutions (SaaS, IaaS providers and MSSP).

Qualifications:

  • Comprehensive understanding of Information Security Frameworks (e.g. ISO 27001, SOC
    2, NIST CSF, Cobit, etc.)
  • Monitoring and reporting on compliance with security and data protection policies, as
    well as the enforcement of policies.
  • Working knowledge of Security Architecture and potential security issues related to
    PaaS, IaaS, SaaS with understanding of IAM and Data Loss Prevention in an AWS
    environment.
  • Knowledge of security technologies such as EDR, DLP, Vulnerability Management and
    Firewalls.
  • Familiar with HMG Security Policy Framework requirements and Government Security
    Classifications
Sorry! This job has expired.
Back to listings