Job Title

We are seeking an experienced and dedicated Assistant Manager to join our Compliance team within the CISO Office. The ideal candidate will play a pivotal role in managing our compliance initiatives and overseeing critical security tools. This position is reported directly to the Chief Information Security Officer (CISO). Job Description:- ❖Lead the implementation and maintenance of ISO 27001:2022 compliance across the organization. ❖Oversee compliance efforts for SOC 2 Type 2, SOX, and upcoming standards like GDPR, DPDPA, PCI DSS, and ISO 27701:2019. ❖Coordinate with external auditors and manage audit processes. Develop, update, and enforce information security policies, standards, and procedures. ❖Security Tools Management: Manage and optimize security tools including CrowdStrike EDR, SIEM systems, PAM, DAM, and firewalls. Ensure the security and integrity of Active Directory (AD) and its associated security measures. Oversee the patch management process to ensure timely updates and vulnerability remediation. ❖Risk Assessment & Mitigation: Conduct regular risk assessments and vulnerability analyses. Develop and implement strategies to mitigate identified risks. Monitor compliance with information security policies and procedures, and report non-compliance issues. ❖Collaboration & Communication: Work closely with IT, legal, and business units to ensure alignment of security and compliance objectives. Provide training and awareness programs to employees about compliance requirements and security best practices. Stay updated on emerging security threats and compliance regulations to inform strategic planning. ❖Reporting: Prepare detailed reports on compliance status, risk assessments, and security incidents for senior management. Maintain accurate documentation of compliance activities and audit findings. Required Skills:- ❖Certifications: Professional certifications such as CISSP, CISA, CISM, or ISO 27001 Lead Implementer/Auditor are highly desirable. ❖Technical Skills: Proficient in managing and configuring security tools: CrowdStrike Endpoint Detection and Response (EDR) Security Information and Event Management (SIEM) systems Privileged Access Management (PAM) solutions Database Activity Monitoring (DAM) tools Firewalls and network security devices Active Directory (AD) security and administration Patch Management solutions Strong understanding of IT infrastructure, network security, and application security. Knowledge of regulatory requirements and industry standards in information security. ❖Soft Skills: Excellent communication and interpersonal skills. Strong leadership and team management abilities. High level of integrity and professionalism. Exceptional analytical and problem-solving skills. Ability to work effectively under pressure and manage multiple priorities. Reporting Structure: This position reports directly to the Chief Information Security Officer (CISO). Qualification & Experience:- ❖Bachelor’s degree in computer science, Information Security, or a related field. Security Certifications are plus. ❖Minimum 2-5 years of experience in information security compliance and risk management. Proven experience with ISO 27001:2022 implementation is mandatory. ❖Familiarity with SOC 2 Type 2, SOX, GDPR, DPDPA, PCI DSS, and ISO 27701:2019. ❖Experience in the travel industry or a rapidly growing company is advantageous. CTC:- 4 to 5LPA