Title: Manager-Infosec

Description:

Area(s) of responsibility

Information Security & Privacy Governance

Manage and continuously improve the Information Security Management System (ISMS) and Privacy Information Management System (PIMS)
Ensure compliance with ISO 27001:2022, ISO/IEC 27701:2019, and applicable privacy regulations (GDPR, local privacy laws, client‑specific requirements)
Drive security and privacy governance across corporate functions and client delivery projects

Audit & Assurance Management

Plan and manage internal audits, surveillance audits, and certification audits for ISO 27001 and ISO 27701
Act as audit lead and primary point of contact for external auditors and client auditors
Review audit evidence, validate findings, and ensure timely closure of non‑conformities

Client Audit & Compliance Support

Support client‑led audits, security assessments, and due‑diligence activities
Handle client security questionnaires, compliance attestations, and assurance requests
Representing Security and Privacy in client governance forums and reviews

Client Information Security Incident Management

Act as the primary point of contact for client‑related information security and privacy incidents
Coordinate incident identification, assessment, containment, investigation, and remediation in line with the organizational Incident Response Plan
Lead client communication during security incidents, including notifications, updates, and post‑incident reporting
Ensure timely escalation, root cause analysis (RCA), and corrective / preventive actions (CAPA) for client incidents

MSA / SOW Security & Privacy Review

Review Master Service Agreements (MSAs), Statements of Work (SOWs), and contractual documents from an Information Security and Privacy perspective
Identify security, privacy, and compliance risks and propose mitigations aligned with organizational standards

RFP & Business Support

Contribute to RFP/RFI responses by providing Information Security, Privacy, and Compliance inputs
Articulate security posture, certifications, controls, and differentiators to prospective clients
Collaborate with sales, legal, and delivery teams to support business growth initiatives

People & Stakeholder Management

Mentor and guide team members on audit execution, compliance, and client interactions
Work closely with Legal, HR, Procurement, IT, Delivery, and Sales teams
Act as a bridge between business objectives and security / privacy requirements

Continuous Improvement & Awareness

Identify opportunities to strengthen security and privacy controls, processes, and tooling
Support security awareness and privacy training initiatives
Stay current with evolving regulatory, contractual, and industry best practices

Skills Required :

9–12 years of experience in Information Security, Privacy, Audit, or GRC roles
Strong hands‑on experience with ISO 27001 & ISO/IEC 27701 audits
Professional certifications preferred: CISA, CISM, CISSP, ISO 27001/27701 Lead Auditor/Implementer
Experience working in client‑facing roles within IT services / consulting environments

Apply now »

Provider	Description	Enabled
LinkedIn	LinkedIn is an employment-oriented social networking service. We use the Apply with LinkedIn feature to allow you to apply for jobs using your LinkedIn profile. Opting out of LinkedIn cookies will disable your ability to use Apply with LinkedIn. Cookie Policy Cookie Table Privacy Policy Terms and Conditions
Google Analytics	Google Analytics is a web analytics service offered by Google that tracks and reports website traffic. Cookie Information Privacy Policy Terms and Conditions