IT Manager -Data Security

The IT Manager Data Protection & IT Security will be responsible for safeguarding organizational data, IT infrastructure, digital assets, and user access controls. The role will drive information security governance, regulatory compliance, risk mitigation, and enterprise-wide data protection frameworks aligned with business growth.

Key Responsibilities :

1. Information Security & Governance

• Develop and implement IT security policies, SOPs, and governance frameworks.
• Conduct regular vulnerability assessments and risk audits.
• Ensure compliance with applicable data protection regulations.
• Maintain IT risk register and mitigation roadmap.

2. Data Protection & Access Management

• Implement role-based access control and least-privilege principles.
• Ensure secure onboarding and exit access protocols.
• Oversee data classification, encryption, and secure data transmission.
• Manage DLP (Data Loss Prevention) mechanisms.

3. Infrastructure & Network Security

• Manage firewalls, endpoint protection, VPNs, antivirus, and cloud security.
• Monitor servers, email systems, and network architecture.
• Ensure device encryption and patch management compliance.
• Strengthen remote working security controls.

4. Audit & Compliance Management

• Lead internal IT audits and support external compliance audits.
• Prepare documentation for regulatory and client reviews.
• Ensure timely closure of audit observations.
• Maintain IT asset inventory and security logs.

5. Incident Response & Business Continuity

• Develop incident response plans for cyber threats and data breaches.
• Lead investigation and reporting of security incidents.
• Ensure robust backup, disaster recovery, and business continuity systems.

6. Vendor & Team Management

• Manage IT security vendors and third-party risk assessments.
• Oversee cybersecurity tools and renewals.
• Conduct employee awareness training on information security best practices.

Key Performance Indicators (KPIs)

• Zero major data breaches
• 100% access control compliance
• Timely audit closure
• Reduced IT security risks year-on-year
• Fully documented IT governance framework

Required Qualifications & Experience

• Bachelors degree in IT / Computer Science / Cybersecurity.
• 610 years of experience in IT Security / Infrastructure Security.
• Experience managing mid-to-large scale user environments (300+ users preferred).
• Strong exposure to compliance, audits, and risk mitigation.

Preferred (Not Mandatory)

• Experience in BPO / ITES / Contact Center environments.
• Exposure to client-driven audits (US/UK clients).
• Knowledge of PCI-DSS / HIPAA / GDPR / ISO 27001 frameworks.
• Security certifications such as CISSP, CISM, CEH, or ISO 27001 Lead Implementer.

Core Competencies

• Strong risk assessment & analytical skills
• Process-driven & documentation-oriented
• High confidentiality and integrity
• Structured and proactive approach
• Ability to align IT security with business priorities