unifyCX - Manager - IT Security (10-12 yrs)

JOB DESCRIPTION :

Designation : Manager IT Security

Work Location : Mangalore

No. of positions : 01

Department : Information Security (Corporate IT)

Summary of the Position :

This position requires candidate should be Graduate/Post Graduate on Engineering / Computer Science with at least 10 + years of experience in managing Information Security / Cyber Security for an enterprise level.

Lead and manage day-to-day security operations and ensure the implementation and enforcement of security measures across the organization.

Role will involve assessing vulnerabilities, managing security incidents, and overseeing a team of security professionals. Collaborate closely with IT, risk management, and other business units to maintain a secure infrastructure and ensure compliance with relevant security standards and regulations.

Qualification, Certifications and Knowledge level :

- B. Tech/ B.E /BSc / MSc - CSE/ IT/Cyber Security/ECE

- Certifications: CEH / GSEC / CISM or other relevant security

- 10 years of experience in cybersecurity or information security roles.

- Strong knowledge of SIEM, firewalls, IDS/IPS, vulnerability management, and encryption.

- Experience with security frameworks such as NIST, ISO 27001, SOC 2 or CIS.

- Hands-on experience with incident response and management.

- Prior experience in a leadership or managerial role within security operations is preferred.

- Good understanding of IT/IS & Cyber risks

- Experience in risk management processes and reporting

- Experience in third-party risk management frameworks & processes

- Good Communication Skills

- Ability to work independently and to take emergent decisions on his/her own

- Ability to work collaboratively with internal and external stakeholders to achieve a mutually beneficial result

- Good team player, hardworking, enthusiastic with good attitude

Experience :

- 10-12 years of relevant work experience in Information Security / IT Security and risk management functions.

Roles & Responsibilities :

Security Operations Management :

- Oversee daily security operations and lead the Security Operations Center (SOC) team.

- Develop and enforce security policies, procedures, and guidelines.

- Manage vulnerability scanning, penetration testing, and threat monitoring activities.

- Ensure all security tools (firewalls, IDS/IPS, DLP, SIEM) are properly configured, maintained, and updated.

Incident Response and Management:

- Lead investigations and response to security incidents, breaches, or cyberattacks.

- Perform root cause analysis and post-incident reporting.

- Ensure incident response plans are regularly tested and optimized.

Threat and Vulnerability Management :

- Manage and review system vulnerabilities and threats and implement risk mitigation strategies.

- Perform regular risk assessments and security audits to identify and address security gaps.

- Collaborate with DevOps and infrastructure teams to integrate security best practices in all systems.

Compliance and Governance :

- Ensure compliance with security regulations, standards, and frameworks (ISO 27001, NIST, GDPR, etc.).

- Maintain up-to-date documentation of security controls and processes.

- Coordinate internal and external security audits, including audits related to compliance.

Leadership and Team Development :

- Supervise and mentor junior security analysts and engineers.

- Provide guidance on career development, training, and certifications.

- Collaborate with HR and senior leadership to define security team goals and objectives.

Vendor and Stakeholder Management :

- Liaise with third-party vendors to assess security tools and technologies.

- Work closely with other business units, such as IT, legal, and finance, to ensure security objectives are aligned with business priorities.

Security Awareness and Training :

- Develop and implement IT security awareness training programs for employees.

- Foster a culture of security awareness across the organization.

- Perform a phishing simulation exercise at the organizational level and assess the associated risks.

Rounds of Interview : There would be two to three rounds of interview by tech panels.