IT Security Manager
Navi Mumbai, Maharashtra, India · На постоянной основе
Подайте заявку первыми!
- Опыт
- Любой
- Зарплата
- —
- Открытия
- 1
- Опубликовано
- 2 часа назад
- Режим работы
- В офисе
- Образование
- Любой выпускник
- Критерии отбора
- Any graduate or equivalent degree holder in Information Technology, Computer Science, or a related discipline can apply.
- Резюме
- Необходимо подать заявку.
Где вы будете работать
Описание работы
About the company
JiBe is a cloud-based, fully integrated ERP platform built for the shipping sector. It is designed to help shipping businesses work more efficiently, improve productivity and safety, and lower operating costs. The system supports greater automation and smoother workflows while cutting down reliance on email and paper-based processes.
Role overview
The IT Security Manager will own key parts of the organization’s security, privacy, and data protection efforts. This role works under the CISO and partners closely with internal teams to strengthen governance, reduce risk, and ensure security practices are embedded across cloud, operations, compliance, and business processes.
Key responsibilities
- Run and sustain the company’s information security, privacy, and data protection programs as directed by the CISO.
- Make sure internal policies and external obligations are followed, including ISO 27001, SOC 2, and GDPR requirements.
- Coordinate with business and technical stakeholders to maintain consistent security governance across the organization.
- Manage AWS cloud security activities such as hardening, IAM oversight, and security posture reviews.
- Support governance and monitoring across AWS, Azure, and GCP environments.
- Introduce and maintain security controls like encryption, segmentation, cloud monitoring, and automated incident response.
- Work with DevOps and infrastructure teams to build security into cloud initiatives from the start.
- Oversee day-to-day security operations, including incident handling, threat tracking, vulnerability management, and risk assessment.
- Lead incident coordination to ensure quick containment, remediation, and reporting.
- Set and track security metrics and KPIs to evaluate program maturity and performance.
- Drive vulnerability assessments, penetration testing, and broader remediation efforts.
- Rank fixes by business impact and coordinate patching with IT teams.
- Ensure vulnerability processes remain aligned with industry standards and regulatory needs.
- Supervise IAM activities such as RBAC, user provisioning, and privileged access management.
- Maintain access controls that follow least-privilege and zero-trust principles.
- Own the creation, review, and improvement of security policies and standards.
- Assist with internal and external audits, certifications, and compliance work.
- Keep documentation and procedures aligned with frameworks such as ISO 27001, NIST, and SOC standards.
- Lead security awareness campaigns, phishing drills, and training programs across the organization.
- Build a strong security-first culture throughout the business.
- Manage and mentor security staff working across network, application, and cloud security areas.
- Provide technical guidance, performance support, and career development coaching.
- Encourage collaboration between security, IT, and business teams.
- Track regulatory changes and new cyber threats on an ongoing basis.
- Feed threat intelligence into the risk management process.
- Keep the organization prepared for emerging threats through proactive defensive measures.
- Support the CISO in shaping and executing the overall security strategy.
- Work with IT, Compliance, and Legal teams to implement security initiatives consistently.
- Assess and recommend tools, technologies, and practices that improve security maturity.
Skills and tools expected
The ideal candidate should understand enterprise security controls such as firewalls, SIEM, IDS/IPS, DLP, endpoint protection, and email security. Experience with modern security models such as zero trust, micro-segmentation, and secure network design is important. Hands-on AWS security knowledge is expected, including IAM, KMS, GuardDuty, CloudTrail, Security Hub, WAF, and related services. Familiarity with Azure and GCP security, cloud posture management, compliance controls, and cloud logging/monitoring tools will be useful. Strong command of ISO 27001/27002, SOC 1 and SOC 2, NIST CSF, GDPR, and data protection requirements is also needed. Familiarity with tools such as Nessus, Qualys, Burp Suite, Splunk, Wireshark, vulnerability management platforms, and SOAR automation is preferred. The role also calls for strong analysis, leadership, communication, prioritization, attention to detail, and stakeholder management.
Education
An undergraduate degree in IT, Computer Science, or a related field is expected. Any graduate or equivalent qualification is acceptable.
Preferred certifications
CISSP, CISM, CCSP, or AWS Certified Security – Specialty are strongly preferred. Additional credentials such as ISO 27001 LA/LI, CompTIA Security+, or CEH are considered an advantage.