full-width-banner full-width-banner full-width-banner

Explore a world of opportunities

Join one of the world’s leading brand franchise operators

Read more
full-width-banner full-width-banner full-width-banner

Great people, great brands, great future

Start your journey with us

Find vacancies
Explore all opportunities

Work type

Locations

India

Categories

Your Experience Level

Our application process

At Alshaya, we make thousands of job offers every year, and we look forward to welcoming successful candidates to our growing business.

Here are some important facts you need to know about our processes, so you can be sure that your job offer is genuine.

  • We never ask candidates to pay fees or send us money.
  • We never ask candidates to give personal information such as date of birth, address, passport details, bank details, etc.
  • You always deal directly with us and all communication will come from an official ‘@alshaya.com’ email address, or through an affiliated Alshaya agency. To check if you’re dealing with an affiliate, you can email us at alshayajobs@alshaya.com

Receiving a job offer

If your job offer seems too good to be true, it probably is. There are three key things to remember if you suspect an offer is not genuine:

  • Do not contact the original sender
  • Do not provide any personal information
  • Do not make any payment

If you have concerns and wish to confirm a job offer is genuine, email us at alshayajobs@alshaya.com. Please include a photo or screenshot of the message you have received (please do not forward the original).

Note: Please do not send your CV to the email address listed above as it will not be considered as an application for work.

Click here to know more about our Job Offer process.


Information Security Manager - IT - India

Apply now Job no: IND2025-CTOB20
Location: India
India Head Office

IT

Alshaya IT is a diverse organisation supporting corporate, warehouse and retail specific IT infrastructure and systems. We have software teams creating and developing in-house applications and product teams optimising and integrating major third party solutions.  The rate of growth across divisions and geographies means we are constantly evaluating how we provide robust, scalable and business enabling infrastructure and systems in line with global benchmark standards. 

Information Security Manager(GRC)

 

Role Profile:

 

Alshaya employed a dedicated security team to implement and maintain the organization's information security program. Typically, this group is led by a chief information officer. The security group is generally responsible for conducting risk management, a process through which vulnerabilities and threats to information assets are continuously assessed, and the appropriate protective controls are decided on and applied. The value of an organization lies within its information and its security is critical for business operations, as well as retaining credibility and earning the trust of clients.

Information security programs are built around the core objectives of the CIA triad: maintaining the confidentiality, integrity and availability of IT systems and business data.

Role and

 

 

 

The below Key Performance Areas include but are not limited to:

 

 

•                  Work closely with the leadership for the Security requirements and implementation of security initiatives based on ISMS (ISO 27001:2013), Business Continuity Management Systems (BCMS ISO22301:2012) and IDR, PCI-DSS, SSAE SOC etc.

•                  • Direct, develop, implement and manage Information Security practices with hands-on experience managing GRC for the complete Organization

•                  • Responsible for consulting, design and implementation of security controls and solutions to reduce the risk to Organization.

•                  • Directly responsible for procedures and controls to assure compliance with applicable regulatory and legal requirements as well as good business practices

•                  • Design information security management systems that impact multiple domains and operations

•                  • Experience consulting, designing and implementing security technologies, such as IDS/IPS, SIEM, access controls, encryption and forensic tools.

•                  • Experience working with VA/PT technologies, Infrastructure & Endpoint Security solutions

•                  • Broad understanding of various Risk models (e.g. OSSTMM, CVSS, OCTAVE)

•                  • Experience in Security evaluation, threat assessments, threat modelling, risk assessment methodologies and frameworks.

•                  • Work on RFP related to security services and end-to-end supplier security management

Page 2 of 2

 

 

•                  • Experience in design, plan, architecture and management principles for Application Security, Infrastructure Security, Encryption, Data masking , Database security, Cloud Security, PKI , Certificate life cycle management , Enterprise key management, Data Governance etc

•                  • Develop, implement and enforce suitable and relevant information security policies, ensuring that these are compliant with Alshaya IT Policies and standards and other legislation and regulations related to information security; reviewing policies on a regular basis.

•                  • Inform, consult and advise the company on matters related to compliance and data protection laws including privacy compliance for GDPR and relevant standards

•                  • Manage Internal and External audit related to information security compliance and best IT practices

•                  • Advise business and project teams on Security requirements

•                  • Responsible for training and awareness

 

 

 

Knowledge (Desired):

 

Experience

•                 10 – 15 years minimum experience in Information Security Domain

•                 • Post Graduate/graduate in Information Security or IT related field.

•                  • Preferred certifications: Preferred certifications: CISM, ISMS LA/ LI, BCMS LA/LI, CISSP, ITIL

•                  • Optional PMP certification

 

 

 

Skills:

 

 

Additional role requirements:

 

 

 

All employees are required to adhere to company policies and procedures, and work in line with Alshaya’s Vision and Values -

‘Think Big’, ‘Act Small’, ‘Be You’.

 

 

About Us:

Alshaya Group is a dynamic family-owned enterprise which was first established in Kuwait in 1890. With a consistent record of growth and innovation, Alshaya Group is one of the world’s leading brand franchise operators, offering customers an unparalleled choice of well-loved international brands, including: Starbucks, H&M, Mothercare, Debenhams, Cos, American Eagle Outfitters, P.F. Chang’s, The Cheesecake Factory, The Body Shop, M.A.C, Victoria’s Secret, Boots, Vavavoom, Pottery Barn and KidZania.

Alshaya Group’s portfolio extends across MENA, Russia, Turkey, and Europe, with thousands of stores, cafes, restaurants and leisure destinations, as well as a growing online and digital business.

Operating in multiple sectors including Fashion, Food, Health & Beauty, Pharmacy, Home Furnishings and Leisure & Entertainment, Alshaya Group colleagues are united by a commitment to delivering great customer service and brand experiences.

Fresh, modern, and relevant, Alshaya’s constantly evolving retail portfolio reflects the choices and lifestyle of its customers. From flagship stores and restaurants in prestige malls, to local coffee shops, drive-thrus and online, Alshaya Group brings customers the brands they love in the places they want to be.

Advertised: India Standard Time
Application close:

Back to search results Apply now Refer a friend