• Manager - Information Security

    Job Post Information* : Posted Date 9 months ago(9/19/2017 2:13 PM)
    # of Positions
    Work Location (City/State)
  • Who We Are


    Every day, our solutions affect people throughout the world. From Fortune 100 companies to start-ups, GalaxE develops and implements strategic projects that are critical to the success of customers’ businesses and the lives of tens of millions of people.


    For over twenty-five years, we have grown and evolved into a multi-national firm that employs over 2000 team members worldwide. But we’re not done evolving. It took collaboration and innovation to get here, and it takes collaboration and innovation to get where we (and our customers) want to be tomorrow.  


    What does this mean for our employees? They have the security of an established company, with the benefits of working for a company where great minds, hard work, leadership and innovation are highly regarded and rewarded.


    As Thomas Edison said, “There’s a way to do it better – find it”. We want our employees to find it.


    We’re looking for creative people, with an entrepreneurial spirit, looking to work on awesome projects! Sound like you? Come work with us! Find out for yourself what it means to be part of the GalaxE team.


    It’s not always easy, but important work never is. #WeAreGalaxE


    Equal Opportunity Employer/Veterans/Disabled

    What You Will Do


    Job Title:  Manager - IS

    Reports to: Sr. Manager IS                                                                  Number of Positions: 1

    Job Summary

    The Manager IS –responsible for establishing and maintaining Information Security compliance aspects of GalaxE Offices towards Business Process, Review and identify associated risks in Customer agreements, SOW, MSA and compliance, Business Continuity Planning, Audit Compliance ISO27001 and 22301,Prepare audit reports and publish to senior management, Cross-Organization Collaboration, Vendor & Client Management, Data Centre and Disaster Management, implementing incident response and remediation for all security incidents and risk related service requests pertaining to network, security or technology related risks. S/He works collaboratively with Global Security and IS Support teams to perform operations and related monitoring and technical audits as required for GalaxE environments covering applications, infrastructure, and vendor / third party environments. S/He should be an excellent learner and quick to adapt new technologies with strong hands on experience in global SOC environments with strong knowledge and experience in various compliance and requirements. S/He should be willing to handle in 24x7 shifts. S/He should possess thorough understanding of Security devices and relevant threat patterns existing in todays’ landscapes. Candidate should possess good documentation skills to publish reports and dashboards. Experience in handling compliance preparing legal and regulatory checklists will be preferred.


    Job Responsibilities

    • Person responsible for establishing and reviewing SOW, MSA, customer agreements with associated risks and mitigation plan.
    • Person responsible for handling the global SOC team which includes helpdesk with 24X7 Support. Handle the IS function seamlessly. Provide completed periodic reports to upper management without any delays. Person should be able to handle the escalations from other project teams or senior management.
    • Person should be self-motivated, must understand the business reason to look bigger pitcher and also motivate the team to achieve set goals.
    • Person responsible to assign and track the work on daily basis. Prepare the carries plan for the team through SWAT analysis.
    • Person responsible for conducting internal audits and publish the reports to all stake holders and update the status periodically to senior management.
    • Person having sound understanding of ISMS, COSO, QMS, HIPAA, HITECH and other industry’s best practices and processes. Must be able to demonstrate the practical aspects by continual improvement.
    • Person responsible for identifying risks associated to Information, Data Centre, Technology, People, processes & all its components.

     Person responsible for

      • Legal and regulatory requirements and checklists.
      • Providing Daily, Weekly and monthly report to senior management.
      • Asset management (People, Process, Information, Technology)
      • Vendor governance
      • Performance evaluation
      • Contract management & Release management
      • End Point encompassing Asset life cycle management
      • Participate in change management lifecycle.
    • Person responsible for taking the requirements from projects from account heads and Deliver to the excellence.
    • promote and assist with the implementation of organization-wide information security solutions, which align the business objectives Develop plans, goals, objectives, and other project management aids for the implementation of security processes
    • Manage Data Leakage Protection monitoring
    • Manage and mitigate all data privacy risk
    • Provide feedback for all team which are signed and assist legal in understanding risks
    • Ensure plan is in place for remediation of risks.
    • Implement a robust information security awareness program. This includes rolling out standard/ guidelines and associated policies and process.
    • Interacts with the internal and external auditors and others to develop a network of peers to stay current of trends, rules, and regulations
    • Serve as single point of contact for GalaxE Infrastructure Support functional teams to process all request from auditors, and provide responses centrally
    • During research, to facilitate the discussion, staff inquiry, process review, conducting tests and examining supporting documentation to meet the objectives of the audit
    • Facilitate GIS service owner/heads with review on findings summary and provide timely written responses to the findings, including an action plan of how the recommendations will be implemented

    Skills and Experience You Will Need



    Manager –Information Security

    10 to 12 years

    Salary bracket of INR 8 to 12 lacs.


    Candidate must have good knowledge on


    1. reviewing the client SOW , MSA, Agreements provide the risks and controls.
    2. understanding the Legal and statutory requirements and provide the Risks associated and possible controls.
    3. writing policies, procedure and reports.
    4. Requirements, understanding the standards ISO 27001,  HIPAA, HITECH, QMS.
    5. Good communication skills.
    6. Reporting skills to present to senior management.
    7. Salary bracket of >8 lacs.
    8. VA and PT.



    • Any graduate
    • Skill of handling the team with 24X7 Support.
    • CEH, ISO27001:2013, ISO22310
    • 10-12+ years of experience in information Technology with at least 10 years in IS operations and management.
    • Desirable Experience IS/Service/Risk with frameworks like ISMS, NIST, COSO, Etc.
    • Expertise and sound understanding of Vulnerability and Penetration Testing methodologies
    • Experience to translate/communicate conceptual/technical data to Business Impact information.
    • Risk Management and BCP participation is an advantage.


    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed