Skip to main content
Posted 14 July, 2026

Manager, Information Security

Icertis
Pune, Maharashtra, India Full Time
Reference: 218_692154_7154

This role owns and drives all security and operatingmodel concerns raised by strategic enterprise customers for Icertis Cloud Infrastructure (ICI).

The role acts as the single accountable owner for:

  • Cloud security posture in customerowned Azure environments
  • Deviation management (e.g., nondomainjoined VMSS)
  • Operatingmodel alignment (patching, monitoring, CI/CD, access)
  • Evidence, visibility, and executive decision support

The role exists to remove friction, ambiguity, and rework in largecustomer security engagements by converting repeated questions into clear positions, guardrails, and auditable programs.

Core

  • Deep understanding of Azure infrastructure security and operating models
  • Experience operating in customerowned cloud environments
  • Strong grasp of:
    • VMSS / imagebased security models
    • Patch management and visibility
    • Monitoring, telemetry, and SOC integrations
  • Ability to reason about security equivalence, not just control checklists

Program & Stakeholder Leadership

  • Proven ability to lead highnoise, highscrutiny customer engagements
  • Comfortable engaging CSO / architecture review boards
  • Strong documentation and narrative skills for:
    • Risk acceptance
    • Decision points
    • Executive summaries

Preferred Qualifications

  • Azure Security certifications
  • Experience with large regulated enterprises (telecom, finance, government)
  • Prior ownership of customerspecific cloud security operating models

Key Competencies

  • Ownership mindset ("this is my problem endtoend")
  • Structured thinking under ambiguity
  • Ability to reduce repeated questions into durable answers
  • Calm, credible presence in customer security forums

Experience

  • 10-15 years in Cloud / Security / Infrastructure roles
  • 5+ years owning security programs with direct enterprise customer exposure

-

1. Strategic Customer Security Ownership (Primary)

  • Own endtoend security conversations for strategic customers
  • Act as the single-threaded owner across Cloud Ops, DevOps, CPS, Engineering, and Compliance
  • Translate customer security standards into implementable, testable, and supportable models
  • Ensure consistent positions across decks, calls, audits, and escalations

2. Cloud Infrastructure & Operating Model Alignment

  • Own customer discussions around:
    • VMSS vs VM security equivalence
    • Nondomainjoined deployments
    • Imagebased enforcement, identity lifecycle, drift handling
  • Lead definition and validation of:
    • Patching lifecycle and visibility
    • Monitoring and telemetry alignment (MDE, Sentinel, customer tools)
    • Support and escalation RACI in customerowned subscriptions
  • Drive clarity on what Icertis owns vs what the customer owns

3. Deviation, Risk & Exception Management

  • Own formal risk narratives for deviations from customer standards
    (e.g., domainjoin semantics, tooling assumptions)
  • Coordinate executivelevel risk acceptance with customer CSO teams
  • Ensure deviations are:
    • Explicitly documented
    • Guardrailed
    • Timebound
    • Supported by equivalent security outcomes

4. Change Management & Control Governance

  • Own structured approaches for:
    • GPO change management
    • Emergency vs planned enforcement
    • Impact assessment and rollback logic
  • Ensure every change has:
    • Clear ownership
    • Defined timelines
    • Evidence and traceability

5. CI/CD, Deployment & Tooling Alignment

  • Own customer security posture for:
    • Git runners / CICD execution models
    • Private Link vs DMZbased execution
    • Network allowlisting and proxy constraints
  • Ensure deployment models remain:
    • Secure
    • Auditable
    • Scalable across future releases (not bespoke per customer)

6. Evidence, Visibility & Audit Readiness

  • Own the evidence model for strategic customers:
    • Patch visibility
    • Scan outputs (SAST, SCA, VAPT)
    • Image lineage and deployment traceability
  • Convert adhoc evidence requests into repeatable, systemdriven artifacts
  • Support audits without creating parallel operational processes

Sign up for Job Alerts