| Job Requisition ID | 104180 |
| Job Title | Manager – ISMS (Information Security Management System) |
| Company | Deloitte Touche Tohmatsu India LLP |
| Location | Hyderabad |
| Designation | Manager |
| Practice | Cyber Security Transformation (CST) |
| Domain | Information Security Management System (ISMS) |
| Experience Required | 8+ Years |
| Education | Bachelor’s Degree or Master’s Degree (Tier 1/Tier 2 Institutions Preferred) |
| Primary Responsibility | Lead Information Security Governance, Risk Management, Compliance, and ISMS implementation engagements |
| Core Framework | ISO 27001 Information Security Management System |
| Security Governance | Implement, manage, review, and sustain ISO 27001-based ISMS programs |
| Security Assessments | Assess client information security posture, identify gaps, risks, and compliance issues |
| Risk Management | Develop remediation plans and risk mitigation strategies for identified security gaps |
| Information Security Controls | Design, review, and implement information security controls across organizations |
| Change Management | Review and strengthen Change Management processes and controls |
| Incident Management | Evaluate and improve Incident Response and Incident Management frameworks |
| Backup & Recovery | Assess Backup Management processes and business continuity controls |
| Identity & Access Management | Review User Access Management, Authentication, Authorization, and Privileged Access Controls |
| Endpoint Security | Evaluate Antivirus and Endpoint Protection Management processes |
| Service Management | Review SLA Monitoring, Performance Management, and Operational Security Controls |
| Information Handling | Develop controls for Media Handling, Data Exchange, and Information Protection |
| Physical Security | Assess Physical and Environmental Security Controls |
| Vendor Risk Management | Conduct Third-Party/Vendor Risk Assessments and Outsourcing Risk Reviews |
| Information Classification | Design and implement Information Classification Frameworks and Data Protection Standards |
| Compliance Frameworks | ISO 27001, NIST Cybersecurity Framework, COBIT |
| Consulting Responsibilities | Provide cybersecurity advisory and compliance consulting to clients |
| Project Management | Independently manage cybersecurity engagements with limited supervision |
| Governance & Compliance | Information Security Governance, Risk Assessment, Policy Development, Regulatory Compliance |
| Technical Skills | ISMS, Risk Assessment, Security Controls Review, Vendor Risk Management, Information Classification |
| Soft Skills | Stakeholder Management, Communication, Leadership, Documentation, Problem Solving |
| Industry Focus | Cybersecurity Consulting, Risk Advisory, Governance, Risk & Compliance (GRC) |
| Career Level | Manager |
| Ideal Candidate | Cybersecurity Governance and Risk professional with 8+ years of experience in ISO 27001 implementation, ISMS management, risk assessments, vendor risk management, compliance consulting, and security governance frameworks such as NIST and COBIT |
