Senior Manager-Information Security
Noida, Uttar Pradesh, India
Sopra Steria
Sopra Steria, a European Tech leader recognised for its consulting, digital services and software development, helps its clients drive their digital transformation to obtain tangible and sustainable benefits.Company Description
About Sopra Steria
Sopra Steria, major Tech player in Europe recognised for its consulting, digital services and software development, helps its clients drive their digital transformation and obtain tangible and sustainable benefits. It provides end-to-end solutions to make large companies and organisations more competitive by combining in-depth knowledge of a wide range of business sectors and innovative technologies with a fully collaborative approach. Sopra Steria places people at the heart of everything it does and is committed to putting digital to work for its clients in order to build a positive future for all. With 50,000 employees in nearly 30 countries, the Group generated revenue of €5.1 billion in 2022.
The world is how we shape it.
Job Description
Senior Manager - Information Security
Experience: 12+ years
Location: Noida
Candidate Profile:
Should have in-depth understanding of ISO 27001:2013, ISO 27001:2022, GDPR, DPDP Act, and other equivalent standards and Information Security Management System (ISMS) implementation for the organization.
Should be well versed with firewalls, proxies, SIEM, antivirus, and IDPS concepts. Should have decent understanding of Application Security.
Should know Cloud Security best practices and assessment (crypto specifics HSM & Vaults).
Should have strong understanding of NIS2, MITRE ATT&CK Framework, OWASP Standards, etc.
Should be able to:
- Formulate new and evolve existing policies with respect to changing technologies and business dynamics
- Understand business needs and risks assessment, in order to ensure appropriate security controls
- Perform effective ISMS audits on IT Projects, internal systems and third-party audits, w.r.t., ISO 27001:2022, NIS2, MITRE ATT&CK Framework, OWASP Standards as required in order to maintain compliance and certifications
- Coordinate the information security compliance initiatives across the organization
- Work with organizational Functions/Delivery accounts to ensure employees are aware of information security issues, are trained in information and data security best practices, and are practicing safe/secure data collection, data transfers and storage, and use of social media, mobile devices, and apps, among others
- Work with Support functions in managing and improvising the information security management system, by monitoring internal systems to ensure that appropriate controls are maintained
- Track, report and escalate violations of information security policy
- Investigate Information Security incidents and data breaches, and implement additional controls as and when necessary
- Building awareness and competences in the area of Information Security and Data Protection for new and existing employees
- Strong understanding of privacy regulations such as GDPR, Draft India Data Protection Bill and privacy frameworks
- Should have experience in at least 3 end to end privacy assessment & implementation projects (GDPR, DPDP, other country specific regulations)
- Interview client stakeholders and develop project artifacts such as Privacy Impact analysis, data flow diagrams & identify gaps
- Experience in implementation and use of privacy enhancing technologies and design of data privacy framework.
Qualifications
B. Tech., Science Graduate
Additional Information
At our organization, we are committed to fighting against all forms of discrimination. We foster a work environment that is inclusive and respectful of all differences.
All of our positions are open to people with disabilities.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Antivirus Application security Audits Cloud Compliance Crypto Firewalls GDPR ISMS ISO 27001 MITRE ATT&CK Monitoring NIS2 OWASP Privacy SIEM
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Penetration Tester jobs
- Open Cloud Security Architect jobs
- Open Security Operations Engineer jobs
- Open Principal Security Engineer jobs
- Open Information Security Officer jobs
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Senior Product Security Engineer jobs
- Open Chief Information Security Officer jobs
- Open Cyber Security Architect jobs
- Open IT Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Security Specialist jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Senior Network Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Security Consultant jobs
- Open IT Security Analyst jobs
- Open Senior Information Security Analyst jobs
- Open Security Operations Analyst jobs
- Open Manager Pentest H/F jobs
- Open Information Security Architect jobs
- Open Information System Security Officer jobs
- Open Agile-related jobs
- Open Risk assessment-related jobs
- Open SOC-related jobs
- Open Analytics-related jobs
- Open Network security-related jobs
- Open CISA-related jobs
- Open ISO 27001-related jobs
- Open GCP-related jobs
- Open IAM-related jobs
- Open Application security-related jobs
- Open Pentesting-related jobs
- Open Threat intelligence-related jobs
- Open Vulnerability management-related jobs
- Open DevOps-related jobs
- Open DoD-related jobs
- Open Security Clearance-related jobs
- Open APIs-related jobs
- Open CEH-related jobs
- Open Security assessment-related jobs
- Open SaaS-related jobs
- Open Malware-related jobs
- Open Kubernetes-related jobs
- Open Java-related jobs
- Open EDR-related jobs
- Open TS/SCI-related jobs