Manager - Information Security
About the role
JOB OVERVIEW

The incumbent will be responsible for managing enterprise Information & Cybersecurity operations, compliance, risk assessments, and security assurance activities across applications, IT infrastructure, cloud platforms, and emerging technologies. The role supports the organization's overall security posture through proactive risk identification, incident management, security assessments, technology evaluations, and governance activities, while ensuring adherence to regulatory and corporate security requirements.

KEY ROLES & RESPONSIBILITIES

1. Information Security Compliance
Responsible for managing Information & Cybersecurity compliance requirements in line with internal security policies, regulatory frameworks, and industry best practices. Support internal and external audits, security certifications, and periodic compliance assessments across Piramal Pharma entities.

2. Risk Assessment & Risk Management
Perform periodic risk assessments for key business applications, IT infrastructure, cloud workloads, and third‑party platforms. Ensure security risks are identified, documented, tracked, and mitigated through appropriate risk treatment plans in coordination with IT and business teams.

3. Application, Infrastructure & Network Security
Manage and coordinate application security practices including penetration testing, vulnerability assessments, secure configuration reviews, and remediation tracking. Support endpoint security, network security, data leakage protection (DLP), and continuous security monitoring activities. Track and close security findings arising from assessments, audits, and incidents.

4. Cloud Security
Support design, implementation, and monitoring of cloud security controls across public and hybrid cloud environments (AWS / Azure / GCP, as applicable). Perform cloud security risk assessments covering cloud-hosted applications, workloads, identities, and data repositories. Ensure adherence to cloud security best practices, internal standards, and regulatory requirements, including shared responsibility considerations. Work with infrastructure and application teams to review secure cloud architectures, IAM configurations, logging, monitoring, and baseline hardening. Coordinate remediation of cloud security gaps identified through assessments, audits, or monitoring activities.

5. AI & Emerging Technology Security
Support security and risk assessments of AI / ML-based tools and platforms, including internally developed and third‑party solutions. Evaluate data security, privacy, access control, and compliance risks associated with AI use cases. Ensure AI and emerging technology solutions comply with organizational Information Security, Data Protection, and regulatory requirements. Assist in defining and enforcing security guardrails for responsible use of AI technologies, including data usage, access, and output handling. Participate in Proof of Concept (PoC) evaluations of AI, automation, and emerging technologies from an Information Security standpoint. Track evolving AI security threats and risk scenarios and recommend appropriate mitigation controls.

6. Security Incident Management
Ensure potential security incidents are correctly identified, analyzed, investigated, documented, and reported. Coordinate with SOC, IT teams, and external partners for timely containment, remediation, and post‑incident reviews. Support ongoing operational components of Enterprise Information Security.

7. Security Reporting & Governance
Periodically prepare and present reports on IT security compliance, risks, incidents, and overall security posture to Information Security leadership and the CISO. Maintain security dashboards, metrics, risk registers, and audit evidence for management and regulatory reporting.

8. Cybersecurity Technology Evaluation
Evaluate new cybersecurity solutions and perform Proof of Concept (PoC) activities based on business and security requirements. Provide technical assessments and recommendations for adoption, enhancement, or replacement of security tools.

9. Business Continuity Management (BCM)
Manage and support the Business Continuity Management (BCM) program in line with regulatory and organizational requirements. Coordinate BCP and DR drills, gap assessments, documentation reviews, and corrective action tracking with IT and business stakeholders.

10. Vendor & Third‑Party Security
Work with IT vendors, service providers, and partners to ensure adherence to contractual security and compliance requirements. Support third‑party risk assessments and security due‑diligence activities.

SKILLS & COMPETENCIES

Strong knowledge of Information Security frameworks, risk management, and compliance
Hands‑on exposure to vulnerability management, penetration testing coordination, and incident response
Working knowledge of cloud security concepts and shared responsibility models