Manager
- Infogain
- 12 - 14 years
- Noida, Gurugram
- 1 month ago
- Email to a friend
- Report this job
Job Description
-
Lead the implementation, maintenance, and continual improvement of the ISO 27001 Information Security Management System (ISMS)
-
Manage ISMS documentation including policies, procedures, risk treatment plans, and Statement of Applicability (SoA)
-
Plan and execute internal audits, coordinate external audits, and drive closure of non-conformities
-
Conduct management reviews and ensure ongoing compliance with ISO 27001 controls
-
Own and manage the enterprise information security risk register
-
Conduct periodic risk assessments for:
-
IT infrastructure, endpoints, networks, cloud (Azure/AWS), applications, and data
-
Third-party vendors and outsourced services
-
-
Drive risk treatment planning, mitigation tracking, and risk acceptance workflows
-
Support business teams in risk-based decision-making and control validation
-
Ensure compliance with relevant standards and frameworks such as:
-
ISO 27001, SOC 2 Type II
-
GDPR, PDPA, CCPA
-
IT Act and contractual security requirements
-
-
Support customer audits, security questionnaires, and compliance evidence submissions
-
Work closely with Legal, HR, IT, and Business teams for governance alignment
-
Maintain compliance dashboards and periodic reporting to leadership
-
Support implementation of privacy and data protection controls aligned to:
-
GDPR (EU/UK)
-
PDPA (as applicable to customer/region)
-
CCPA (US privacy requirements)
-
-
Assist in privacy governance activities such as:
-
Data classification and handling requirements
-
Supporting DPIAs / privacy risk assessments
-
Supporting breach notification processes and compliance reporting
-
-
Coordinate with Legal and business stakeholders for privacy-related compliance evidence
-
Conduct vendor security and privacy assessments (including cloud and SaaS providers)
-
Validate vendor controls and ensure contractual security and privacy requirements are met
-
Support onboarding/offboarding compliance checks and periodic vendor reviews
-
Drive security policy updates and periodic reviews across the organization
-
Support security awareness programs, compliance training, and audit readiness campaigns
-
Support incident response from a governance/compliance perspective
-
Ensure evidence collection, RCA tracking, and closure of corrective/preventive actions (CAPA)
-
Monitor control effectiveness through periodic checks and audits
- 12-14 Years
- Primary Skill: Information Security
- Sub Skill(s): ISMS
- Additional Skill(s): GDPR, ISMS
Job Classification
Industry: IT Services & ConsultingFunctional Area / Department: IT & Information SecurityRole Category: IT SecurityRole: Manager Information SecurityEmployement Type: Full timeContact Details:
Company: InfogainLocation(s): Noida, Gurugram
Keyskills: RCA Assurance ISMS SOA Compliance HP data protector Information security ISO 27001 Risk management Auditing
Similar positions
Infogain
A Silicon-Valley headquartered company, Infogain is a global business oriented IT consulting provider of front-end, customer-facing technologies, processes and applications, leading to a more efficient and streamlined customer experience. We want our clients€™ interactions with their cus...
Job Listings
We are in open beta version of website, please let us know if any issues, at: info(at)indigojobs.in