General Manager – Information Security

Full Time
Posted 3 years ago


Job Description:

Purpose of the role

  • To ensure ongoing compliance with Information Security standards & best practices, measure the effectiveness of the overall posture of the information security framework, and suggest steps for improvement.
  • To develop strong information risk management processes.
  • To implement controls to ensure security & confidentiality of data in cooperation with other teams.
  • To manage the Information Security team.


Profile – Roles and Responsibilities
Areas of Responsibility & brief description, with Level

  1. Ensure development & implementation of Information Risk Management Framework (Level: Full)
  2. Ensure effective implementation of controls and security measures in line with risks identified. Protect the system by defining access privileges, control structures, and resources. (Level: Full)
  3. Undertake initiatives to ensure continuous improvement of implemented controls within budgets. (Level: Full)
  4. Implement security improvements by assessing current situation; evaluating trends; anticipating requirements (Level: Full)
  5. Conduct periodic audits with a view to safeguard information system assets by identifying and solving potential and actual security (Level: Full)
  6. Ensure successful outcome in external/internal audits conducted (Level: Full)
  7. Upgrade systems from time to time by maintaining security controls and ensure implementation & maintenance of ISMS (Information Security Management Systems) (Level: Full)
  8. Ensure high standards of Information Security service delivery within time & budget. (Level: Full)
  9. Maintain quality service by following organization standards and adherence to ISO 27001 standards (Level: Full)
  10. Maintain trackers for various activities done by IS team. Keep users informed by preparing performance reports; communicating system status, etc. (Level: Full)
  11. Provide information security guidance and recommendations to various business units as required. Explaining and articulating potential business risks to key stakeholders (Level: Full)
  12. Maintain & enhance technical knowledge of self and team by attending educational workshops; reviewing publications. (Level: Full)
  13. Ensure professional development of all team members by providing guidance and trainings as necessary (Level: Full)
  14. Manage the team effectively to ensure controls are deployed in a secure and consistent manner. (Level: Full)
  15. Ensure internal/external customer satisfaction (Level: Full)
  16. Maintain all documentation & records for Information Security (Level: Full)
  17. Ensure all documents are reviewed & updated periodically to maintain relevance & correctness (Level: Full)

Indicative KRAs/Budgetary and Revenue Responsibilities

  1. Implement ISMS controls for operations in agreed timeframe
  2. Ensure no cost or time overruns while executing IS projects
  3. Ensure all IS risks in operations are identified, reported and mitigated to acceptable level
  4. Measure effectiveness of controls implemented and suggested improvements
  5. No “Reds” in internal/external audits
  6. Ensure all employees undertake IS awareness sessions on the LMS & pass the test
  7. No data breach incidents due to failure of implemented controls
  8. Ensure ongoing compliance with ISO 27001 standard
  9. Maintain trackers for various activities done by IS team

Qualification & Experience (Education, Experience, specific knowledge, skills, understanding, attitude)

Education: Minimum: Graduate with CISSP or CISM and ISO 27001 (Mandatory) or global equivalent degree

Additional: Post graduate or global equivalent degree

Experience: 12 to 13 years of experience

Knowledge & Key skills: In-depth knowledge of:

  • Network protocols and network connectivity concepts; Firewall and Internet technologies
  • Secure access control mechanisms; Encryption and Key Management techniques

Must have managed a team of at least 2 to 4 people.


Competencies/Personal Attributes

Organizational Competencies

  1. Entrepreneurship
  2. Quality & Service Orientation
  3. Teamwork & Collaboration
  4. Diversity Sensitivity
  5. Personal & Professional Development

Functional Competencies

  1. Self-Motivated and Self-Directed
  2. Ability to multitask
  3. Ability to innovate and enhance procedures and methods to increase productivity & cost effectiveness
  4. Problem-solving
  5. In-depth knowledge and understanding of systems and processes


  1. Delivering Results
  2. Communication
  3. Networking
  4. Leadership


Job Features

Job Category: Processing & Outsourcing
Weekends: 5 days a week
Working Hours: 9:30 AM - 6:30 PM
