Information Technology Security Manager - GRC Tools (1-2 yrs)

Location: Gurgaon.

Designation- : Manager | Sr.

Manager | Chief Manager (depending on the experience and expertise).

Job Summary :

- We are seeking an experienced IT Security Manager to lead our Governance, Risk, and Compliance (GRC) efforts.

- The successful candidate will be responsible for managing information security governance, risk management, compliance, and vulnerability management.

- The ideal candidate will have experience in IT security, risk management, and compliance, with a strong understanding of industry standards and best practices.

Key Responsibilities :

Information Security Ticket Management :

- Manage IT security tickets raised on the SUMMIT ticketing system.

- Raise and close exceptions as required.

- Maintain compliance with governance and audit observations.

Vulnerability Management :

- Create vulnerability reports using available tools.

- Collaborate with the IT-Infra team to perform vulnerability tests.

- Monitor computer networks for security issues.

Risk Management :

- Generate threat reports for executive overview.

- Manage security tools, automated scans, and report analysis.

- Conduct risk assessments and build Risk and Control Matrices (RCM).

- Develop risk treatment plans based on Recovery Time Objective (RTO) and Recovery Point Objective (RPO).

ISMS (ISO 27001) :

- Manage compliance with ISO 27001:2013 standard.

- Support departments in implementing the information security management system (ISMS).

- Conduct sustenance reviews and audit readiness activities.

- Track progress towards ISO 27001:2013 certification.

BCP/DR :

- Establish disaster recovery procedures.

- Conduct security breach drills.

Change Management :

- Collaborate with the IT-Infra team to close changes.

- Monitor changes done on the system.

Accountabilities :

- Ensure 100% compliance with ISO 27001:2013 standard.

- Maintain accurate documentation of breaches and security incidents.

- Meet SLAs for response and closure of IT security tickets.

Working Relationships :

- SOC (Security Operations Center) leader (outsourced vendor).

- Auditors.

- Business stakeholders.

- CIT teams.

Requirements :

- Bachelor's degree in Computer Science, Information Technology, or related field.

- Minimum 5 years of experience in IT security, risk management, and compliance.

- Strong understanding of industry standards and best practices (e.g , ISO 27001, NIST).

- Excellent communication, leadership, and project management skills.

Nice to Have :

- Certification in IT security, risk management, or compliance (e.g , CISSP, CRISC, CISM).

- Experience with vulnerability management tools and techniques.

- Knowledge of cloud security and compliance frameworks.