Information Security Manager
Job Type: Permanent role with the Client
Position Summary:
We are seeking an experienced Information Security Manager with expertise in cybersecurity governance, risk management, and compliance (GRC). You will play a key role in developing, managing, and ensuring adherence to security controls, driving continuous improvement in cybersecurity maturity, and aligning business requirements with security policies. This position requires effective stakeholder management and the ability to influence senior leadership to integrate security practices across the organization.
Key Responsibilities:
- Lead the development, implementation, and continuous improvement of security controls, ensuring alignment with industry frameworks (e.g., NIST CSF, ISO 27001).
- Oversee risk management processes, ensuring cybersecurity policies and practices meet regulatory and internal compliance requirements.
- Act as the primary point of contact for cybersecurity policy, security controls, and risk management discussions with senior stakeholders, including CIOs, CISOs, and functional leaders.
- Influence senior leadership to gain buy-in for cybersecurity initiatives, promoting a culture of awareness and adherence to security controls across the organization.
- Oversee third-party security risk assessments, ensuring vendors meet internal security standards and compliance requirements.
- Manage the identification, assessment, and mitigation of cybersecurity risks, including emerging threats and regulatory changes.
- Drive continuous improvement in cybersecurity policies, controls, and risk management practices to meet evolving business needs.
- Develop learning materials, present on cybersecurity topics, and promote a continuous learning culture within the organization.
Qualifications:
- 10+ years of experience in cybersecurity, with expertise in risk management, compliance, and the development of security controls within large organizations.
- Industry-recognized certifications such as CISA, CISM, CRISC, CISSP, or equivalent.
- Strong knowledge of cybersecurity frameworks (e.g., NIST CSF, COBIT, ISO 27000 series) and hands-on experience in implementing security controls.
- Ability to analyze and develop cybersecurity solutions that align with business goals and regulatory requirements.
- Excellent communication and interpersonal skills with the ability to engage and influence senior stakeholders and cross-functional teams.
- Ability to communicate complex security concepts in a clear, business-oriented way.
- Ability to navigate organizational dynamics, anticipating challenges and leveraging resources to achieve cybersecurity goals.
- Strong leadership and change management skills, with a proven ability to drive security initiatives and build consensus among stakeholders.
If you are interested in this position, please click "Apply Now" and we will review your qualifications and reach out to you for further discussion and next steps.
Only shortlisted candidates will be responded to; therefore, if you do not receive a response within 14 days, please accept this as notification that you have not been shortlisted.
Name: Kanya Kothandaraman
EA Licence No: 11C5502
EAP Registration No: R1331365