Senior Manager - IT Security

Date: 9 Jun 2026

Location: Pune, GO-Pune

Company: Tata AutoComp Systems Ltd.

About Us

Tata AutoComp Systems, founded in 1995 and part of the Tata Group, is a premier Indian auto component manufacturer providing engineering, design, and manufacturing services. With over 74 global plants and 22,000+ employees, it specialises in EV components, batteries, seating, HVAC, and interior plastics for major OEMs.

Key Responsibilities

The Senior Manager – IT Security is responsible for leading the organization’s cybersecurity strategy, operations, and risk management initiatives. This role ensures the protection of enterprise IT assets, applications, networks, and data against cyber threats, while aligning security with business objectives and regulatory requirements.

1. Security Strategy & Governance
•    Define and execute enterprise IT security strategy aligned with business goals.
•    Establish and maintain security governance frameworks, policies, and standards.
•    Ensure alignment with global standards such as ISO 27001, NIST, CIS Controls.
•    Drive continuous improvement of the organization’s security posture.
2. Risk Management & Compliance (across the Business Units of Tata AutoComp)
•    Lead enterprise-wide risk assessments and mitigation planning.
•    Manage vulnerability assessment and penetration testing (VAPT) programs.
•    Ensure compliance with regulatory and legal requirements (e.g., DPDP Act).
•    Manage internal and external security audits and ensure closure of findings.
3. Security Operations
•    Oversee Security Operations Center (SOC) functions including monitoring, detection, and response.
•    Define and track KPIs such as MTTD, MTTR, and incident severity.
•    Enhance threat intelligence capabilities and proactive defense mechanisms.
•    Ensure 24x7 monitoring of security events and incidents.
4. Incident Response & Crisis Management
•    Lead cyber incident response planning and execution.
•    Coordinate with internal teams and external agencies during major incidents.
•    Conduct root cause analysis (RCA) and implement corrective measures.
•    Develop and test cyber crisis and business continuity plans.
5. Security Architecture & Engineering
•    Define secure architecture for enterprise IT systems (on-premise and cloud).
•    Implement / Manage controls across: 
o    Network security (firewalls, IDS/IPS)
o    Endpoint security (EDR/XDR)
o    Identity & Access Management (IAM, PAM)
o    Data security (DLP, encryption)
•    Drive Zero Trust architecture adoption.
6. Cloud & Digital Security
•    Ensure secure adoption of cloud platforms (Azure, AWS).
•    Oversee cloud security posture management (CSPM) and workload protection.
•    Ensure secure APIs, applications, and DevSecOps pipelines.
7. Third-Party & Vendor Risk Management
•    Assess and manage risks from third-party vendors and partners.
•    Implement vendor security assessment frameworks.
•    Ensure contractual security requirements are enforced.
8. Leadership & Stakeholder Management
•    Lead and mentor cybersecurity teams.
•    Collaborate with IT, business units, HR, Admin, legal, and compliance teams.
•    Present security posture and risk insights to senior leadership.
•    Manage budgets and strategic security investments.
9. Awareness & Training
•    Drive organization-wide security awareness programs.
•    Conduct phishing simulations and user training.
•    Promote a security-first culture across the enterprise.

Qualification

Bachelor’s/Master’s in Computer Science, IT, Cybersecurity, or related field

Experience

12–18 years of experience in IT security, with:
o    5+ years in leadership/managerial roles
o    Experience managing enterprise-scale environments

Additional Requirement

Leadership Skills
•    Strategic thinking and decision-making
•    Strong communication and stakeholder management
•    Crisis handling and problem-solving abilities
•    Capability to lead cross-functional teams

 

Certifications (Preferred)
•    CISSP (Highly preferred)
•    CISM / CISA
•    CCSP / CCSK
•    CEH / OSCP

Key Performance Indicators (KPIs)
•    Reduction in security incidents and risk exposure
•    Incident response effectiveness (MTTD / MTTR)
•    Compliance audit success rate
•    Vulnerability remediation timelines
•    Security awareness maturity level 
•    Knowledge of AI/ML in cybersecurity
•    Exposure to DevSecOps and automation
•    Experience in regulated industries (BFSI, Manufacturing, Pharma)
•    ISO 27001 Lead Implementer / Auditor

Experience with Zero Trust implementation

Competencies