Information Security Manager

Primary job role

  • The Information Security Manager will be responsible for implementing network and information security policies across the organization. The role holder will also assess IT-systems and network-related threats within and outside the organization and enforce necessary corrective actions and preventive measures.

Main duties/responsibilities

  • Perform operational establishment and preventive maintenance of backups, recovery procedures, and enforce security and integrity controls.
  • Facilitate proof of concept (POC) and other business-related information security and compliance testing for applications and systems.
  • Securely and effectively manage the next generation firewall infrastructure through the managed services partner and ensure proper standards and best practices are followed and reviewed on frequent basis to ensure highest security effectiveness, and minimum business interruption with proactive identification of issues and timely resolution.
  • Ensure disk- and file-level service and system encryption execution through support teams
  • Work with business units to ensure data is classified correctly and implement gateway and endpoint DLP frameworks and continuous monitoring mechanisms.
  • Set the information security strategy for the company and Assess, test, and select new security products and technologies to bridge any gaps identified, prepare cost estimates, management justification and plan the timely delivery of the project.
  • Provide 24×7 on-call support and execute maintenance activities for both planned and unplanned activities to minimize disruption to the business.
  • Test information security systems, firewalls, and upgrades, such as debugging, tracking, reproduction, logging, and resolving all identified problems, according to approved quality testing scripts, procedures, and processes.
  • Troubleshoot and provide service support in diagnosing, resolving and fixing system, application, infrastructure, hardware, and software malfunctions.
  • Establish and oversee formal risk analysis and self-assessment program for various information services systems and processes.
  • Identify, investigate, and resolve security breaches through forensic analysis. Conduct physical examinations of property to ensure compliance with security policies and regulations.
  • Conduct red teaming assessments, penetration tests, Vulnerability assessments and provide recommendations for the mitigation of identified threats/gaps and ensure timely completion of corrective actions.
  • Conduct training programs to improve the security awareness of business users to minimize breaches and carry out security drills to identify the effectiveness of the awareness sessions and take corrective actions to fix the identified gaps.
  • Coordinate with other teams to define security best practices and conduct regular audits to identify if they are adhering to the same.
  • Be up to date with new threats and attacks and take actions to mitigate them.
  • Collaborate with security consultants, organizations, vendors, suppliers, service providers, and external resources to analyze, recommend, install, and maintain infrastructure, systems, and software security applications.
  • Work with cross-functional teams to evaluate risks and recommend remediation solutions for identified vulnerabilities and track remediation.
  • Develop knowledge and stay updated on Security monitoring tools and processes, and design and maintain technical security controls.
  • Implement, maintain and administer information security documentation, guidelines, policies and procedures, instructions, recording and detailing operational procedures and system logs


  • 5 to 6 years of relevant experience in the design and maintenance of information security programs, conducting red teaming assessments and penetration tests with expertise to identify gaps/misconfigurations/vulnerabilities in network infrastructure/systems and applications with the respective corrective actions.


  • Bachelor’s degree in computer science, information technology, engineering, or a related field with relevant certifications such as Cisco CCNP Security/Offensive Security Certified Professional (OSCP) / Offensive Security Certified Expert (OSCE)

Behavioral competencies

  • Communication
  • Teamwork & collaboration
  • Client orientation
  • Results & execution orientation
  • Decision making
  • Analytical ability  


Related Posts

From insights to thought-leadership

View More

Demystifying the cloud ERP implementation process — Key steps and considerations

In part two of our cloud blog series, Kasun Sandaruwan, Vice President for Americas at Fortude, explains the key decisions and activities that stakeholders should pay attention to along the cloud implementation or migration process, with a special focus on Infor CloudSuite.

Maximizing the benefits of moving to the cloud

By migrating on-premises workloads to the cloud, enterprises benefit from IT cost savings, productivity improvements, business agility, and operational resilience. This blog post delves deep into the cloud benefits and explores how an enterprise can maximize cloud benefits.

Remote software delivery — a conversation with an ERP consultant

Since December 2019, organizations have transitioned to remote work due to international travel restrictions imposed by the pandemic. Despite the initial challenges, businesses are adapting well and have realized the potential of remote work and its effectiveness. .

RPA is here to stay. Can companies remain oblivious?

Robotic process automation, simply known as RPA, came to light in the early 2000s. In the current context, its capabilities are extended with the use of several technologies such as process mining, optical character recognition (OCR), analytics, user experience (UX), artificial intelligence (AI), big data, machine learning (ML), and speech recognition technologies.

Enhance productivity with ERP integrated AI Chatbots

Due to the pandemic, businesses were forced to adapt to new norms with disruptions to usual business operations. The sudden boom in e-commerce has created new requirements. Certain products and services were in high demand, and some businesses struggled with staggering volumes of customer queries and complaints.

Quality Gates: Why all the fuss?

What are quality gates? And what is the role of a gatekeeper? Read our latest blog post by Senior QA Lead Rochana Herath as she details why investing time in identifying quality gates is important and how quality gates significantly improve the success and quality of your software projects.