Senior Security Compliance Manager

Sapiens is on the lookout for a Security Compliance and Information Security Manager to become a key player in our Bangalore team. If you're a seasoned Security Compliance and Information Security Manager pro and ready to take your career to new heights with an established, globally successful company, this role could be the perfect fit.

Location: Bangalore

Working Model: Our flexible work arrangement combines both remote and in-office work, optimizing flexibility and productivity.

This position will be part of Sapiens, for more information about it, click here: www.sapiens.com.

What you’ll do:

We are seeking a highly skilled Security Compliance and Information Security Manager to ensure the organization’s compliance with all relevant security regulations, frameworks, and standards. The role is responsible for safeguarding our information systems, managing risk, and leading compliance efforts. The ideal candidate will have deep expertise in both compliance and technical security measures, ensuring a proactive approach to security threats while maintaining compliance with regulatory requirements.

Key Responsibilities:

Security Compliance:

• Lead the development, implementation, and management of the company’s security compliance programs (e.g., ISO 27001, SOC 2, NIST, GDPR, HIPAA).
• Ensure compliance with applicable regulations and standards, including data protection laws, privacy regulations, and industry-specific guidelines.
• Develop and maintain documentation related to compliance policies, standards, and processes.
• Conduct regular security compliance audits, risk assessments, and gap analysis to identify vulnerabilities and areas for improvement.
• Collaborate with legal, HR, and other departments to maintain a comprehensive compliance framework.
• Interface with external auditors, regulators, and other third parties during compliance assessments and certifications.
• Provide training and awareness programs for employees to foster a culture of security and compliance.
• Prepare compliance reports and communicate with leadership on the status of security compliance initiatives.

Information Security:

• Develop and implement the organization’s information security strategy, policies, and procedures to protect critical systems and data.
• Monitor and assess security risks, threats, and vulnerabilities across all information systems, networks, and applications.
• Lead incident response efforts, including forensic analysis, investigation, and reporting of security breaches or incidents.
• Implement security technologies such as firewalls, intrusion detection systems (IDS), data loss prevention (DLP), and endpoint protection tools.
• Manage identity and access management (IAM) systems, ensuring that access controls and user privileges are appropriately defined and enforced.
• Oversee the security of cloud infrastructure (AWS, Azure, GCP), including configuration reviews, security assessments, and monitoring.
• Conduct regular security testing, including vulnerability scans and penetration testing, to validate the security posture of systems.
• Work closely with DevOps and engineering teams to integrate security practices into development and operational processes (DevSecOps).
• Ensure the organization complies with secure coding standards and best practices in application development.
• Stay current on the latest security trends, vulnerabilities, and technologies, and recommend upgrades to security infrastructure as necessary.

What to Have for this position.

Must have Skills.

• Bachelor’s degree in information security, Computer Science, or a related field.
• 5+ years of experience in information security, risk management, or security compliance.
• Experience managing compliance programs (ISO 27001, SOC 2, NIST, GDPR, HIPAA, PCI DSS).
• In-depth knowledge of information security principles, including network security, application security, encryption, identity management, and incident response.
• Familiarity with security tools and technologies, including firewalls, IDS/IPS, DLP, SIEM, endpoint security, and vulnerability management.
• Experience with cloud security in platforms like AWS, Azure, or GCP.
• Strong understanding of data privacy regulations (GDPR, CCPA) and their impact on security compliance.
• Strong leadership skills and experience managing cross-functional teams or security operations.
• Excellent analytical and problem-solving skills, with a proactive approach to identifying and mitigating risks.
• Certifications such as CISSP, CISM, CISA, or CRISC are highly desirable.

Preferred Qualifications:

• Master’s degree in information security, Cybersecurity, or related field.
• Hands-on experience with security automation and orchestration in a DevSecOps environment.
• Experience working with security frameworks for regulated industries (e.g., healthcare, finance).
• Familiarity with advanced threat detection and mitigation strategies.
• Certifications in cloud security (e.g., AWS Certified Security Specialty, Azure Security Engineer Associate).

About Sapiens

Sapiens is a global leader in the insurance industry, delivering its award-winning, cloud-based SaaS insurance platform to over 600 customers in more than 30 countries. Sapiens’ platform offers pre-integrated, low-code capabilities to accelerate customers’ digital transformation. With more than 40 years of industry expertise, Sapiens has a highly professional team of over 5,000 employees globally. For More information visit us on www.sapiens.com.

Sapiens is an equal opportunity employer. We value diversity and strive to create an inclusive work environment that embraces individuals from diverse backgrounds.