Deputy Manager - Cyber Security

The Information Security role is responsible for managing and executing information security initiatives and projects across MHIL. The position ensures that newly introduced IT projects and existing infrastructure comply with organizational security standards through comprehensive technical security assessments and risk management practices. The role provides hands-on expertise in vulnerability management, application and infrastructure security, and incident response. Key Roles & Responsibilities Information Security & Risk Management Lead and manage Information Security projects across MHIL. Perform

Technical Risk Assessments

for new and existing IT systems and applications. Conduct

security assessments

for newly onboarded IT projects to ensure compliance with security policies and standards. Identify, analyze, and mitigate technical security risks across the organization. Vulnerability & Threat Management Plan and manage

Vulnerability Assessment and Penetration Testing (VAPT)

activities, including coordination with internal teams and external vendors. Track, analyze, and ensure remediation of vulnerabilities identified during assessments. Perform configuration reviews and security hardening of systems, applications, databases, and network devices. Endpoint & Infrastructure Security Manage

Anti-Virus (AV) and Endpoint Detection & Response (EDR)

solutions, including deployment, monitoring, and policy enforcement. Oversee

Infrastructure Security

covering servers, networks, operating systems, and cloud environments (if applicable). Implement and monitor

Patch Management

processes to ensure timely remediation of security vulnerabilities. Application Security Conduct

Application Security assessments

, including secure code review (as applicable) and application vulnerability testing. Work closely with development and project teams to integrate security controls into the application lifecycle (SDLC). Security Monitoring & Incident Response Support

SIEM/SOC operations

, including log monitoring, alert analysis, and threat investigation. Participate in

Incident Response activities

, including detection, containment, investigation, and remediation of security incidents. Assist in developing and maintaining incident response procedures and playbooks. Governance, Documentation & Compliance Prepare and maintain security documentation, risk reports, and assessment findings. Support audits, compliance reviews, and regulatory requirements as applicable. Provide security guidance, awareness, and best practices to IT and business teams.

Technical skills Strong hands-on experience in

VAPT and Technical Risk Assessments Expertise in

Application Security and Infrastructure Security Experience with

AV/EDR tools

and endpoint security solutions Knowledge of

Patch Management

tools and processes Hands-on experience in

Configuration Assessment and System Hardening Working knowledge of

SIEM/SOC operations

and

Incident Response Understanding of security standards and frameworks (ISO 27001, NIST, etc.)

Qualification & Experience Graduation in any discipline

with computers as a subject Additional Information Security certifications

from recognized organizations (preferred) Examples: CEH, CISSP, CISM, ISO 27001 LA, Security+, etc. 7+ years of experience

in Information Security / Cyber Security roles