Manager - Information Security
Full-time
Associate
Job Overview
Experian India is looking for an Information Security Manager.
What you’ll be doing (Job responsibilities for this role)
1. Regulatory Compliance & Governance
- Ensure adherence to Reserve Bank of India (RBI) cybersecurity directives and other applicable regulatory frameworks.
- Lead internal audits and coordinate with external auditors for compliance assessments.
- Maintain up-to-date documentation and evidence for regulatory inspections and certifications.
2. Vulnerability & Risk Management
- Oversee the vulnerability management lifecycle, ensuring timely identification, prioritization, and remediation of security gaps.
- Collaborate with IT and development teams to implement and track remediation plans.
- Conduct periodic risk assessments and report findings to senior leadership.
3. Secure Configuration & Architecture
- Define and enforce secure configuration baselines for systems, applications, and network devices.
- Review architecture and design of new systems to ensure alignment with security best practices.
4. External Certifications
- Lead and manage certification processes such as ISO 27001, PCI DSS, and other relevant standards.
- Ensure continuous compliance and readiness for surveillance and recertification audits.
5. Data Loss Prevention (DLP)
- Manage and monitor DLP policies to prevent data leakage and unauthorized access.
- Investigate and respond to DLP alerts in coordination with relevant teams.
6. Security Assessments & Incident Response
- Conduct security assessments for new applications, third-party integrations, and infrastructure changes.
- Support incident response planning, execution, and post-incident reviews.
7. SIEM & Threat Detection
- Oversee the development and optimization of SIEM use cases to enhance threat detection and response.
- Work with SOC teams to ensure effective monitoring and alerting.
8. Training & Awareness
- Design and deliver security awareness programs to foster a security-first culture across the organization.
- Conduct targeted training for high-risk departments and roles.
9. Leadership & Collaboration
- Actively participate in the Information Security Steering Committee.
- Drive a culture of risk ownership and accountability across business and technology teams.