Job Description

Description :

Company Description :

Egis is an international player active in architecture, consulting, construction engineering and mobility services.

We create and operate intelligent infrastructures and buildings that respond to the climate emergency and contribute to more balanced, sustainable and resilient territorial development.

Operating in 100 countries, Egis puts the expertise of its 19,500 employees at the service of its clients and develops cutting-edge innovations accessible to all projects.

Through its wide range of activities, Egis is a key player in the collective organisation of society and the living environment of citizens all over the world.

With 3,500 employees across 8 countries in the Middle East, Egis has delivered over 700 complex development projects, stimulating economic growth and enhancing quality of life.

Ranked among the top ten firms in the Middle East by Engineering News Record (ENR), Egis is committed to sustainable development.

The Group's operations in the Middle East are built on strategic acquisitions and a deep understanding of local market conditions.

Egis' long history of providing comprehensive engineering, consulting, and project management services makes it a trusted partner for regional governments, investors, and developers.

Job Description :

The Regional Information Security Manager (RISM) is part of the Group CIO Office team and reports functionally to the Group CISO and hierarchically to the Regional Chief Digital & Information Officer (CDIO).

He or she assumes responsibilities that actively contribute to reducing information security risks.

The role contributes directly to reducing information security risks by implementing, monitoring, and continuously improving the application of the Group's information security framework across multiple entities and jurisdictions.

Key Missions :

- Implement and monitor the application of the Group's information security policy across the assigned scope.

- Proactively identify risks, vulnerabilities, and improvement opportunities, and report them to the Group CISO.

- Contribute to the continuous evolution of the Group's information security strategy by providing field insights, lessons learned, and feedback.

- Collaborate with peer security managers to harmonize practices and coordinate responses to cross-entity or cross-border threats.

- Act within delegated authority from the Group CISO and escalate major risks, incidents, or policy exceptions as required.

Areas of Responsibility :

Information Security Policy Enforcement :

- Implement and monitor compliance with the Group's information security policy.

- Identify local specificities and propose adaptations to global guidelines to address regulatory, organizational, or cultural constraints.

- Contribute to the definition, update, and deployment of security procedures and instructions.

- Promote the nomination and engagement of security correspondents within entities and encourage participation in audits, awareness campaigns, and cross-functional initiatives.

Risk Assessment & Management :

- Assess risks, threats, and vulnerabilities related to local projects, infrastructure, and operations.

- Define and implement prevention and remediation plans adapted to identified risks.

- Monitor emerging threats and escalate all major or critical risks immediately to the Group CISO.

Security Awareness & Communication :

- Deploy security awareness and communication programs tailored to local contexts.

- Adapt awareness materials (translations, examples, scenarios) to maximize impact.

- Measure campaign effectiveness and propose improvement actions, reporting outcomes to the Group CISO.

Audit & Compliance :

- Monitor compliance with Group security policies and applicable local and international regulations.

- Identify deviations, propose corrective action plans, and alert the Group CISO when required.

- Coordinate internal audits and oversee corrective actions with local stakeholders.

- Act as the point of contact for external audits, regulators, and security-related disputes, escalating exceptions as necessary.

- Validate corrective action plans for major deviations prior to Group CISO approval.

Security Incident Management & Business Continuity :

- Serve as the primary point of contact for security incidents within the assigned scope.

- Coordinate incident response in line with global procedures and provide real-time reporting on major or critical incidents.

- Implement immediate protective measures during crises.

- Work closely with the SOC to detect, manage, and respond to incidents.

- Coordinate internal and external communications during major incidents in alignment with the Group CISO.

- Ensure incidents are documented in the Group incident management system.

- Contribute to the adaptation and testing of Business Continuity Plans and report results for Group consolidation.

Identity & Access Management :

- Approve or reject privileged access requests based on the principle of least privilege.

- Escalate exceptions requiring strategic arbitration.

- Oversee the proper functioning of identity and access management processes across entities.

Architecture & IT Projects :

- Validate compliance of IT projects with Group security requirements before submission for approval.

- Provide security expertise for cross-entity and cross-border initiatives.

- Participate in project governance forums to represent security considerations.

- Ensure security requirements are embedded throughout project lifecycles.

Third-Party & Vendor Security :

- Ensure security requirements are incorporated into contracts with service providers in collaboration with procurement and legal teams.

- Monitor service provider compliance with Group standards while accounting for local legal or technical constraints.

- Require and review security assessments for service providers and report residual risks.

Continuous Improvement & Security Watch :

- Monitor regulatory, technological, and threat landscape developments.

- Identify opportunities to enhance tools, processes, and controls.

- Share feedback, incidents, and best practices with Group security leadership and peers.

- Propose and pilot security improvement initiatives where appropriate.

Reporting & Coordination :

- Provide regular reporting on security posture, compliance, incidents, and emerging risks.

- Contribute to Group security governance forums and cross-functional initiatives.

- Supply required indicators and KPIs for Group reporting.

- Work closely with Data Protection, IT, and business teams to integrate security into operational processes.

- Act as the primary security point of contact for entities within scope.

Mergers & Acquisitions :

- Support security risk assessments for potential acquisitions upon request.

- Contribute to system integration activities and oversee alignment with Group security standards during transition phases.

Budget & Resources :

- Contribute to prioritization of security investments based on risk.

- Support budget planning and monitor the use of allocated security budgets.

- Coordinate and guide local security correspondents where applicable.

Qualifications :

Education & Experience :

- Master's degree or equivalent in computer science, engineering, or information security.

- 10+ years of experience in information security, preferably in a multi-site or international environment.

- Exposure to regulated environments and complex organizational structures.

Technical Skills :

- Strong knowledge of international security standards (ISO 27001/27005, NIST, GDPR) and relevant local regulations.

- Experience with security technologies (SIEM, SOC, firewalls, endpoint protection, cryptography, vulnerability management).

- Solid understanding of IT architectures, operating systems, and security governance.

- Experience managing complex, cross-functional initiatives.

Soft Skills :

- Strong stakeholder management and leadership capabilities.

- Ability to balance security requirements with business constraints.

- Excellent communication and presentation skills.

- Autonomous, structured, and proactive working style.

- High ethical standards, discretion, and resilience under pressure.

