Job Title: Information Security & Data Protection Officer (DPO) ManagerLocation: gurugramExperience: 67 yearsEmployment Type: Full-TimeAbout the RoleWe are seeking a highly skilled and motivated InfoSec/DPO Manager to lead our organizations information security, data protection, and compliance initiatives. The ideal candidate will have 67 years of experience in information security and data privacy, with a strong grounding in IT systems, processes, and infrastructure. This role will be central to ensuring that the companys information assets are secure, compliant with regulatory requirements, and aligned with best industry practices.Key ResponsibilitiesInformation Security ManagementDevelop, implement, and maintain the organizations information security policies, standards, and procedures.Conduct regular risk assessments, vulnerability assessments, and penetration tests to identify and mitigate threats.Monitor security systems, incident reports, and ensure timely resolution of issues.Data Protection & Compliance (DPO Role)Act as the Data Protection Officer in compliance with GDPR, DPDP Act (India), and other applicable data protection regulations.Ensure company-wide compliance with data privacy laws, security frameworks (ISO 27001, SOC 2, etc.), and industry best practices.Conduct regular audits to ensure adherence to security and privacy obligations.Manage data subject requests (DSARs), privacy impact assessments (PIAs), and liaison with regulatory authorities as needed.IT & Security IntegrationCollaborate with IT teams to implement secure infrastructure, network security, access controls, and endpoint protection.Provide guidance on secure system design, cloud security, and data lifecycle management.Lead investigations of IT-related security incidents, breaches, and root cause analysis.Governance, Risk & TrainingMaintain and track compliance with security and privacy KPIs.Develop awareness programs and training for employees on cybersecurity and data protection.Lead internal and external audits on InfoSec and data protection.Qualifications & SkillsBachelors degree in Computer Science, Information Technology, Cybersecurity, or related field. (Masters preferred)67 years of relevant experience in information security, data protection, and IT security operations.Strong knowledge of GDPR, DPDP Act, HIPAA, and other global privacy laws/regulations.Experience with ISO 27001, SOC 2, NIST, CIS Controls, PCI DSS frameworks.Hands-on IT security expertise (firewalls, intrusion detection/prevention, cloud security, identity & access management).Certifications such as CISSP, CISM, CISA, ISO 27001 Lead Auditor, CEH, or CIPM/CIPP are highly desirable.Strong analytical, communication, and stakeholder management skills.What We OfferOpportunity to lead InfoSec and Data Protection strategy for a growing organization.Exposure to international compliance frameworks and cutting-edge security practices.A collaborative, inclusive, and technology-driven work environment.
