Manager – IT Security, IT-TPRM

Genpact (NYSE: G) is a global professional services and solutions firm delivering outcomes that shape the future. Our 125,000+ people across 30+ countries are driven by our innate curiosity, entrepreneurial agility, and desire to create lasting value for clients. Powered by our purpose - the relentless pursuit of a world that works better for people - we serve and transform leading enterprises, including the Fortune Global 500, with our deep business and industry knowledge, digital operations services, and expertise in data, technology, and AI.

Inviting applications for the role of Manager - IT Security, IT-TPRM
In this role, you&rsquoll be responsible for identifying, assessing, and mitigating IT security risks across the organization&rsquos infrastructure and data. This role develops and oversees IT security policies, conducts risk assessments, and implements controls to ensure compliance with relevant standards and regulations such as NIST SP 800-53 and ISO/IEC 27001. The SME will also lead awareness training, manage data security initiatives, and monitor compliance activities related to IT security practices.

Responsibilities
. Develop and maintain comprehensive IT security policies and procedures aligned with industry standards (NIST SP 800-53, ISO/IEC 27001).
. Conduct regular IT security risk assessments to identify vulnerabilities, threats, and gaps in the infrastructure, systems, and networks.
. Review controls for both on-premise (Linux and Windows) and cloud infrastructure security (AWS, Azure, Google Cloud).
. Manage security configurations and controls for cloud services, ensuring compliance with industry best practices (CIS benchmarks, NIST standards).
. Evaluate user account management practices, including Role-Based Access Control (RBAC) and Privileged Access Management (PAM), to ensure secure access controls.
. Manage data protection and incident response measures to safeguard sensitive information and effectively address security incidents and breaches.
. Oversee IT controls for backup, access management, Active Directory security, and cloud security compliance.
. Develop strategies and implement control measures to mitigate identified risks and vulnerabilities.
. Oversee the creation and implementation of risk management plans to address IT security risks.

. Ensure ongoing compliance with data security regulations by governing the implementation of compliance controls.
. Oversee patch management processes and monitor security agent performance to ensure proper functionality and security measures.
. Develop and deliver security awareness programs on IT controls and Compliance and emerging threats
. Oversee business continuity planning (BCP) and disaster recovery (DR) processes to ensure minimal downtime in case of security incidents.
. Generate comprehensive reports summarizing security assessments, audit findings, vulnerabilities, and recommended improvements for senior management, and present monthly and quarterly reports to the client.
. Provide expert guidance to senior leadership on risk-related decisions and prioritize security initiatives across the organization.

Qualifications we seek in you!
Minimum qualifications
. Graduate in IT Technology, Cybersecurity or related domain.
. Master&rsquos degree in Cybersecurity, Risk Management, or Business Administration is preferred.
. Relevant experience in IT Infrastructure, information security and GRC roles.
. Experience in managing on-premise and cloud infrastructure security in large-scale environments.
. Strong experience in performing security risk assessments and implementing security controls in medium to large-scale IT environments
. Relevant certifications would be preferrable (AWS Certified security, Microsoft Certified: Azure Security, Engineer, Google Professional Cloud Security Engineer).

. Certifications in security governance and risk management (CRISC, CISSP, CISM, CISA, ITIL, CCSP, CCSK) are preferred

Preferred qualifications
. Extensive knowledge of NIST, ITIL, and ISO 27001 standards for infrastructure security.
. Proficient in cloud security architectures, tools, and best practices (e.g., encryption, identity management, and vulnerability management in cloud).
. Experience with GRC tools such as RSA Archer, MetricStream, or ServiceNow GRC
. Strong leadership and management skills with experience leading teams and managing projects.
. Excellent communication skills with the ability to present complex technical concepts to non-technical stakeholders.
. Ability to work in a fast-paced environment, handling multiple projects and priorities simultaneously

Genpact is an Equal Opportunity Employer and considers applicants for all positions without regard to race, color, religion or belief, sex, age, national origin, citizenship status, marital status, military/veteran status, genetic information, sexual orientation, gender identity, physical or mental disability or any other characteristic protected by applicable laws. Genpact is committed to creating a dynamic work environment that values respect and integrity, customer focus, and innovation. For more information, visit . Follow us on Twitter, Facebook, LinkedIn, and YouTube.

Furthermore, please do note that Genpact does not charge fees to process job applications and applicants are not required to pay to participate in our hiring process in any other way. Examples of such scams include purchasing a %27starter kit,%27 paying to apply, or purchasing equipment or training.