This site uses cookies. To find out more, see our Cookies Policy

Information Security Manager in Gurugram at Elevate

Date Posted: 7/6/2018

Job Snapshot

  • Employee Type:
  • Location:
  • Experience:
    Not Specified
  • Date Posted:

Job Description

Manager - Information Security

Help us shape the future.  Elevate is changing the way legal support services are delivered and we are looking for creative, innovative people who can help.  If you are a client-focused professional who wants your creative and innovative ideas to make a difference, Elevate's team of legal service experts could be the right fit for you.

As an Information Security Manager, you will be responsible for protecting the organization and its client Information. Adherence to Elevate and its client governance and security requirement. Protecting Elevate and its client technology e.g. servers, computers, networks and data against threats, such as security breaches, computer viruses or attacks by cyber-criminals. These intrusions can disrupt an organization’s information technology systems or lead to a loss of confidential information. When that happens, the organization can lose revenue and may face fines from regulatory agencies for failing to protect data. That makes the job of the information security manager strategically important.

You might be the right person if you:

  • High level of attention to detail
  • Ability to work independently and respond to multiple and conflicting requests under tight deadlines and in a dynamic working environment
  • Ability to analyse deployment/build processes and schedules and identify areas of risk or conflict
  • Flexibility in adjusting schedules to meet deadlines Excellent interpersonal skills to interact with technical teams
  • Ability to assess quickly to the current configuration management and build process. Demonstrate accuracy and thoroughness; looks for ways to improve and promote quality; applies feedback to improve performance; monitors own work to ensure quality

Specifically you will:

  • Carry out Privacy risk and impact assessment for client operations and technology infrastructure
  • Assist Risk management functional leaders in overseeing compliance activities relating to information security
  • Promote security awareness by developing and implementing a security awareness and training program
  • Establish metrics and regular reporting mechanisms for measuring success
  • Assess security protocols and recommend upgrades, patches, new applications and equipment, as needed
  • Assist in vendor security risk assessments with business stakeholders and manage deficiencies & exceptions
  • Assist in writing security policies for Elevate
  • Assist in Information Security governance process including Policy and Standards across the organization
  • Manage ISO 27001 ISMS audits and certification program
  • Provide oversight on the reporting and assist IT Stakeholders in defining IT strategy, information architecture and other technology directions
  • Conduct assessment / review of IT processes and recommend action for improving IT governance maturity using reference frameworks like ISO 27001/ ITIL/others
  • Operate and maintain the Information Security Management System (ISMS) of IT services based on ISO 27001
  • Plan and implement ISMS in key business functions
  • Assess and manage information risks enterprise risk management
  • Manage Information Security policy and procedure documents, including but not limited to incident response, IT security policy, segregation of roles and responsibilities, audit plans, methodology, risk register, etc
  • Develop and institute standards, policies, procedures, guidelines
  • Maintain compliance to accreditations/certifications like ISO 27001 (surveillance, re certification audits)
  • Assist in compliance to policies and all applicable external regulations as required.
  • Oversee Security Awareness program at organizational level including the Information Security training programs for staff and work towards continuous improvements.
  • Interface with business users, collect their feedback on Information Security performance, and drive improvements
  • Provide reports to senior management for review of information security risk and governance
  • Keep abreast with latest security and privacy regulations, advisories and alerts


  • 8 years of experience in the field of Information Technology & Security audits
  • At least 5 years of Information Systems & Security audit experience
  • Experience in implementing IT controls within the IT governance framework and designing overall governance framework using standards like ISO 27001/ITIL
  • Understanding and experience with risk and compliance (GRC) concepts / tools
  • Working hands-on knowledge of ISO 27001, ITIL
  • Preferred, exposure to Financial Services industry

Skills for Success:

  • Strong background in information technology with a clear understanding of the challenges of information security
  • Excellent problem solving skills and analytical skills
  • Communicate clearly and effectively, both verbally and in writing
  • Be organized and clearly document changes, problems, investigations and communication
  • Ability to learn new technologies and frameworks and deliver high quality work product in a fast moving IT environment
  • Thrive as a team player in a dynamic, fast moving development environment
  • Can successfully multi-task and prioritize activities to meet client expectations

Technical Skills:

  • MS Office
  • MS Visio
  • MS Outlook


  • Bachelor of Engineering or equivalent
  • Prefer certifications such as CISA, CISSP, CISM, CEH, ISO27001 LA required at least two certifications