Manager - IT

Manager - IT

Manager - IT


Exprience: 2 - 7 years 

Location: Gurugaon

Job description

Application Risk Management Consultant

Act as the functional specialist for Cyber Security Risk Management (CSRM):

Advanced knowledge on various Risk Methodologies Octave, ISO31000 etc.

Adopt, Define, Implement, evolve the risk framework for the Organization.

Conduct / Facilitate smooth conduct of Risk Assessment on Applications, NetworkSystems.

SME Knowledge on conducting data security and privacy assessments.

Proactively review Indigo s information security and related risks w.r.t threats and vulnerabilities compliances (ISO,PCIDSS, SOC1/2 , SSAE etc.)

Translate Technical, legal and Regulatory Compliance obligations into a cohesive collection of Security Controls and provides the respective stakeholders with the CSRM requirements and its implementation methodologies.

Work with Project Managers, Business Analysts, Architecture and Support Team to ensure Indigo s CSRM standards are being followed.

Responsible for Cyber security and Data Privacy awareness

Actively participate in reviewing and improving the data Security and privacy controls implemented in the organization.

Active participation in the Assurance and Architecture level discussions in the engagements.

Serves as CSRM entity for creating Security awareness sessions both scheduled (Induction) and ad-hoc ones.


Good understanding of, and experience with Information Risk Management, Audit (internal and external), and Business (IT) Controls.

Advanced understanding of internal and external IT security standards, PCI standards and relevant legal compliance aspects like GDPR, Various compliances like ISO, BSI etc.

Robust understanding of, and solid experiences with the impact of CSRM on application development and operations as well as the IT Infrastructure.

Ability to interface with different groups (Third parties, Business and IT) internal and external to IT (security) and to network across Group businesses, as well as with external groups.

Technical knowledge relevant experience in security domains /technologies related to:

Infrastructure/Network security

Data Privacy and Business Impact Assessment - PCI DSS, Privacy Principles, GDPR etc.

Data Classification discussions with business.

Driving Platform / Application security and compliance as part of Project Engagement.

Ability to foresee and identify mitigation strategies for Risks Candidate must also:

Display excellent communicating and influencing skills

Display analytical and problem solving skills

Be pro-active and self-motivated

A qualification in CISA, CRISC or CISM Experience

Must have previous experience in an (Information/Cyber) Risk Management team .


Role: IT & Information Security - Other

Industry Type: Travel & Tourism

Department: IT & Information Security

Employment Type: Full Time, Permanent

Role Category: IT & Information Security - Other


UG: Any Graduate

PG: Any Postgraduate

Key Skills

(i) ISO 

(ii) Analytical

About company

IndiGo is Indias largest passenger airline with a market share of 55.5% as of October, 2020. We primarily operate in Indias domestic air travel market as a low-cost carrier with focus on our three pillars offering low fares, being on-time and delivering.