The job you are trying to view has expired. Please perform a new search to find current jobs.

Security Manager I - Digital Risk

McKinsey & Company -
Gurugram, Haryana

Job details

Qualifications

Computer Science
Information security
Master's degree
Bachelor's degree
NIST standards
ISO 27002
APIs
ISO 27001
Cybersecurity
Identity & access management
SDLC

Full job description

Job ID: 108677

Gurugram

Do you want to do work that matters, alongside supportive leaders who will help you grow faster than you ever thought possible? Are you a creative problem-solver who is energized by challenges? You’ve come to the right place.

YOUR IMPACT

You will shape and support the development of the AsiaX Digital Risk agenda—encompassing cybersecurity, digital resilience, Responsible AI (RAI), and Data Risk—by translating global strategy into effective, region-specific implementations.

You will establish robust reporting frameworks to measure program efficiency and lead regional compliance for data protection and AI security, closely monitoring regulatory changes to drive prioritized remediations and ensure continuous audit readiness for key certifications like ISO/IEC 27001 and SOC 2 Type 2. Acting as a trusted regional advisor, you will provide pragmatic guidance to internal stakeholders, articulate security trade-offs in business-relevant language, and expertly manage client security audits and escalations.

Additionally, you will drive our digital resilience by implementing comprehensive BCP/DR strategies and running recovery exercises, while simultaneously co-developing and operationalizing RAI controls utilizing your hands-on experience with AI tools. Partnering closely with product and IT teams, you will drive a secure Software Development Life Cycle (SDLC), perform rigorous product security reviews, manage vendor penetration testing, and design vital security guardrails across cloud, IAM, APIs, and data. Finally, you will oversee third-party vendor risk management for the region and establish key performance metrics to track vulnerability remediation, vendor coverage, and overall incident response success.

YOUR GROWTH

You are someone who thrives in a high-performance environment, bringing a growth mindset and entrepreneurial spirit to tackle meaningful challenges that have a real impact.

In return for your drive, determination, and curiosity, we’ll provide the resources, mentorship, and opportunities to help you quickly broaden your expertise, grow into a well-rounded professional, and contribute to work that truly makes a difference.

When you join us, you will have:

Continuous learning: Our learning and apprenticeship culture, backed by structured programs, is all about helping you grow while creating an environment where feedback is clear, actionable, and focused on your development. The real magic happens when you take the input from others to heart and embrace the fast-paced learning experience, owning your journey.
A voice that matters: From day one, we value your ideas and contributions. You’ll make a tangible impact by offering innovative ideas and practical solutions, all while upholding our unwavering commitment to ethics and integrity. We not only encourage diverse perspectives, but they are critical in driving us toward the best possible outcomes.
Global community: With colleagues across 65+ countries and over 100 different nationalities, our firm’s diversity fuels creativity and helps us come up with the best solutions. Plus, you’ll have the opportunity to learn from exceptional colleagues with diverse backgrounds and experiences.
Exceptional benefits: On top of a competitive salary (based on your location, experience, and skills), we provide a comprehensive benefits package to enable holistic well-being for you and your family.

YOUR QUALIFICATIONS AND SKILLS

Bachelor’s degree is required (master’s degree is preferred) in IT/computer science, cyber security, or equivalent experience

7+ years of cybersecurity or digital resilience experience, with exposure to regional or multi-country environments. (Singapore, IND, Japan, Aus, Korea)

Hands-on experience in cyber/data security regulatory compliance, especially in Japan, Korea, Australia, India, or Singapore

Hands-on experience on digital resilience, such as disaster recover testing, business continuity plan development

Working knowledge of common information security controls, guidelines and standards, such as ISO27001, NIST CSF 2.0

Strong working knowledge across multiple core security domains such as network security, API security, cloud security, Identity and Access management, and data security

Experience with security technologies and tooling, e.g. vulnerability scanners, firewalls, privilege access management solution, SIEM etc

Please review the additional requirements regarding essential job functions of McKinsey colleagues.

Our unwavering commitment to integrity drives everything we do, guiding us to always act in the best interests of our clients, our people, and the communities we serve.

Jobseeker tools

Employer Tools

Browse

Stay Connected