The Senior Manager Information Security will spearhead the development and execution of a comprehensive information security strategy that supports the organizations business objectives and regulatory requirements. This role requires a strategic leader with deep technical expertise and proven experience managing enterprise security programs, risk management, and compliance initiatives.

Key Responsibilities :

Strategic Security Leadership :

- Develop and implement a comprehensive information security strategy aligned with the companys goals and industry best practices.

- Collaborate with executive leadership and business units to embed security principles into business processes and projects.

- Provide leadership and mentorship to the information security team, fostering a culture of continuous improvement and proactive risk management.

Security Operations & Incident Management :

- Oversee ongoing security monitoring, threat intelligence, incident detection, and response activities to protect organizational assets.

- Lead investigation and resolution of security incidents, coordinating cross-functional efforts to mitigate risks and remediate vulnerabilities.

- Manage vulnerability management programs, ensuring timely identification and mitigation of security gaps.

Policy, Framework & Compliance :

- Maintain and evolve the companys information security framework, policies, standards, and procedures to meet regulatory and compliance requirements (e.g., GDPR, HIPAA, ISO 27001).

- Ensure compliance with internal and external audit requirements and coordinate security-related audits and assessments.

- Drive governance processes to enforce adherence to security policies across the organization.

Security Technology Management :

- Oversee configuration, deployment, and administration of critical security infrastructure including SIEM, firewalls, Endpoint Detection and Response (EDR), antivirus (AV), Web Application Firewalls (WAF), and related security tools.

- Lead network security initiatives including segmentation, VPN setup, domain policies, and secure access controls to safeguard the organizations network environment.

Disaster Recovery & Business Continuity :

- Develop, maintain, and regularly test disaster recovery and business continuity plans to ensure organizational resilience.

- Conduct regular drills and tabletop exercises, working closely with IT and business teams to validate readiness.

Security Awareness & Training :

- Lead the design and implementation of security awareness programs to educate employees on cybersecurity risks, policies, and best practices.

- Promote a security-conscious culture through ongoing communication and training initiatives.

Qualifications :

- Bachelors degree in Computer Science, Information Technology, or a related discipline.

- 10 to 12 years of progressive experience in information security, including at least 5 years in a leadership or managerial role.

- Professional certifications such as CEH, CISSP, CISA, or CISM are mandatory.

- Extensive hands-on experience with security technologies such as SIEM, firewalls, EDR, AV, WAF, VPN, and network segmentation.

- Proven expertise in incident response, vulnerability management, risk assessments, and compliance frameworks (ISO 27001, NIST, GDPR, etc.).

- Strong understanding of disaster recovery, business continuity planning, and testing methodologies.

- Excellent leadership, communication, and stakeholder management skills, with the ability to influence at all levels of the organization.

Preferred Skills :

- Experience in cloud security and managing hybrid IT environments.

- Knowledge of emerging cybersecurity threats and mitigation techniques.

- Ability to develop and deliver executive-level reports and presentations.

- Strong project management skills and experience working with cross-functional teams.