Hiring for leading companies - IT manager (Information system and security)

Job Description:

Profile summary:
The Manager (Information Systems and Security) is responsible for overall ‘Information
Technology Services (ITS) function and in defining, implementing and documenting relevant
processes, procedures and standards. This role will be in charge of establishing and maintaining
an organisation wide information systems, infrastructure, and security, management program to
ensure that information assets are well performing, fully functional in a secure mode, adequately
protected, monitors inventory tracking and renewals or upgrade requirements. This position is
responsible for identifying, evaluating and reporting on information systems performance, and
security risks, in a manner that meets compliance and regulatory requirements, and aligns with
and supports the risk posture of the enterprise. The role serves as the process manager of all
assurance activities related to the availability, integrity and confidentiality of customer, business
partner, employee and business information in compliance with the organization's information
protocols and security policies.
Role and Responsibilities:
The Manager (Information Systems and Security) undertakes IT organization's technical
activities and is responsible to provide regular status and service-level reports to management.
The individual should be a critical thinker, a consensus builder, and an integrator of people and
processes must also be able to coordinate disparate drivers, constraints and personalities, while
maintaining objectivity and a strong understanding of overall organizational business objectives.
The role keeps an eye on the IT support, logistics, and security, for in-premises, and off-premises
distributed and virtual workforce, and is a developing opportunity for more strategic
responsibilities in due course of time, the extent of duties include but not be limited to:
• Manage information technology, computer systems, LAN, WIFI, and WAN (internal, external,
internet and/or cloud based); and maintain, enhance, implement and coordinate IT assets,
systems, policies and procedures
• Mentor other IT staff by recruiting, training and coaching employees, communicating job
expectations and providing inputs for evaluating their performance
• Audit systems and networks, and assess their outcomes; Identify problematic areas and
implement strategic solutions; and plan, organize, control and evaluate IT and electronic data
operations; and ensure operations, safety and security of data, network access and backup
systems
• To keep up to date with IT systems and security trends, threats and control measures; and
preserve assets, information security and control structures; maintain a knowledgebase as a
technical reference library, systems and security advisories and alerts, information on IT
trends and practices, and laws and regulations.
• To be proactive in making recommendations for updates to policies & procedures as required.
• Manage the day-to-day activities of IT infrastructure performance and associated threat and
vulnerability management; conduct technical vulnerability assessments of IT
systems/processes, identify vulnerabilities and risks, and to make recommendations to
control any threats and to ensure solutions are implemented.
• To respond rapidly and effectively to operational IT components of incident management,
including detection, response and reporting; including computer forensics for evidence
gathering and preservation and efficient liaison with external and law enforcement agencies
as/when required
• To be responsible for the coordination of regular Information systems performance and
security reviews in the organization, and with partner organisations, by conducting
assessments for systems, processes and infrastructure, and making recommendations to
minimize risks identified.
• Assure all IT activities are performed within the parameters of policies, applicable laws, and
regulations

Manager - Information Systems and Security
• Ensure smooth, reliable and resilient IT services; and analyse business requirements by
partnering with key stakeholders, including technology, audit, legal, HR and others, across the
organization to develop solutions for IT needs, as required
• Proactively engage in the planning and implementation of business continuity plan /disaster
recovery plan
• Handle business-critical IT tasks and systems administration; and continuously analyse
current process, technologies, and vendors to identify opportunities for improvement
• Manage outsourced vendors that provide information systems, infrastructure, and security
functions, for compliance with contracted service-level agreements
• Develop and monitor annual IT budgets, manage variances, and ensure cost effectiveness, and
periodic maintenance and renewal/upgrades plans
• To work closely with the management to assist and provide inputs to ensure that
organizational policies and procedures for Information Security are effective and
compliances are adhered to.
• To oversee the ISS information security risk-register and carry out actions to mitigate risks
identified
• To manage other activities that may arise through evolution, growth or restructuring
• Train employees on both software and hardware, troubleshoot, and provide technical
support when needed
• Inspire continuous improvement of all IT team processes and initiatives: Continually driving
operational excellence
• Define a comprehensive security roadmap that includes cutting edge trends within
Applications, APIs, Data networks; and help our clients mitigate known risks and pre-empt
unknown threats to safeguard data, networks, people and assets
• To work in a mixed Windows and Unix software environment. Manage the instances of cloud
infrastructure services and the multiple cloud servers. Leads, oversees and maintains,
multiuser computing environment as per the requirements of the organization.

General Requirements:
• B. Tech/B. E. in Computer Science or IT, or similar related field, from an institute of repute;
[BSC. or Diploma Candidates may also apply]. Additional certifications in
Information/Network security, Agile project management, Lean-IT, etc., preferred
• Typically, 11 to 14 years of experience in IT Systems and Security functions; exposure to
cloud-based infrastructure (AWS) for servers and storage required. Combination of
qualification and experience can be considered in lieu.
• Certification in ITIL4 is desired (or should be willing to learn and apply ITIL4 standards on
the job to demonstrate equivalent competence)
• Certification in ISO 2700x series for ISMS as internal auditor, is desired (or should be willing
to learn and apply the standards/requirements on the job to demonstrate equivalent
competence)
• Excellent knowledge of technical management, information analysis and of computer
hardware / software, servers, and networking systems
• Expertise in Linux (Ubuntu) operating systems, data management, and security governance
is required
• Ability to lead and motivate cross-functional, interdisciplinary teams to achieve tactical and
strategic goals.
• Exhibit excellent analytical skills, along with validated problem-solving ability, to work well
in a demanding and dynamic environment and planning skills, to meet overall organizational
objectives
• Strong critical thinking and decision-making skills; and highly organized and detail oriented
• Ability to mentor, develop, and guide, other IT personnel; and to work with minimal
supervision

Manager - Information Systems and Security
• Experience with IT management frameworks, e.g. ISO2700x, ITIL, ISO 9000 etc.; maintaining
policies, procedures, standards and guidelines; and working with legal, audit and compliance
functions
• You possess networking knowledge and expertise, specifically LAN / WAN and wireless,
• Excellent verbal, written and interpersonal communication skills, including the ability to
communicate effectively with the IT organization, project and application development
teams, management and business personnel;
• In-depth knowledge and understanding of information systems, and risk, concepts and
principles as a means of relating business needs to system requirements and security controls
• Experience in system technology security testing (vulnerability scanning and penetration
testing).
• Strong technical knowledge of virtual machines such as IaaS, Writing Code (PaaS) and
Software as a Service (SaaS).