Information Security Manager
Connor, Clark & Lunn Financial Group Ltd.
Gurugram (Hybrid), India
Connor, Clark & Lunn Financial Group (CCLFG), one of Canada's leading asset managers, is seeking an experienced Information Security Manager to lead and expand our Center of Excellence (CoE) – Information Security in Gurugram. This strategic leadership position is responsible for information security governance, protection of digital assets, and ensuring risk-aligned security practices across the organization. You will play a critical role in shaping enterprise security strategy, advancing security innovation, and minimizing cyber risk exposure. The successful candidate will collaborate with teams across Canada and India, reporting directly to the Information Systems Security Officer (ISSO) based in Toronto.
What You Will Do
In this pivotal role, you will lead a team of information security analysts to drive innovation through AI and automation, strengthen information security operations, and streamline enterprise governance practices. As the accountable lead, you will manage key stakeholders, collaborate closely with teams in Canada, and ensure that the organization's information security program is optimized to deliver maximum protection with minimal disruption to business operations. Our hybrid work model combines the benefits of in-office collaboration with the flexibility of remote work.
Information Security Strategy & Governance
- Define, implement, and continuously enhance enterprise security policies, standards, and procedures.
- Align security initiatives with business objectives, regulatory requirements and cybersecurity threat intelligence insights.
- Serve as a trusted security advisor to leadership and technical teams on emerging threats, compliance, and risk mitigation.
Risk Management & Compliance
- Lead risk assessments across infrastructure, applications, and cloud platforms (Azure, AWS, SaaS, hybrid).
- Ensure compliance with ISO 27001, NIST, GDPR, and other relevant standards.
- Support internal and external audits, including remediation planning and continuous improvement efforts.
Security Operations & Incident Response
- Oversee security event detection, monitoring, and analysis across hybrid environments.
- Partner with Center of Excellence (CoE) – Information Technology on Patch and vulnerability management governance.
- Lead root cause analysis for security incidents and embed lessons learned into operational practices.
- Coordinate with Incident Response partner firm for material security incidents.
Architecture & Technology Enablement
- Act as a security subject matter expert, integrating security-by-design principles into enterprise projects.
- Guide technology selection and best-practice adoption for new tools and processes.
- Ensure consistent security integration into cloud-native deployments, SaaS adoption, and on-premises systems.
Awareness & Training
- Build a security-first culture by delivering awareness programs across the organization.
- Mentor staff, developers, and business stakeholders on secure practices.
Leadership & Collaboration
- Lead and mentor a team of information security analysts.
- Partner with IT, compliance, and business stakeholders to ensure secure delivery of business services.
- Report on security posture, risks, and KPIs to senior management.
What You Bring
- 10-15 years related work experience
- Degree or information security management experience is preferred
- Familiar with security standards and frameworks, such as ISO, NIST, SANS, and CIS
- Experience with technologies such as Netskope Email Data Loss Prevention (DLP), Tenable Patch/Vulnerability Management, Cloud security, SIEM (Microsoft Sentinel), Email Security monitoring, Privileged Access Management (CyberArk) and XDR (Defender for Endpoints) are assets
- Comfortable working with and learning new technologies. Experience using Power Automate, AI tooling, PowerBI and Office 365 tooling (e.g. Excel) is a bonus
- Strong written and verbal communication skills; comfortable interacting with individuals at all levels of the organization
- Passion for technology and keep up with the latest information security trends
- Information security certifications such as CISSP, CISM, CISA, ISO 27001 Lead Auditor, etc. are a bonus but not mandatory
For a closer look at how you can build your career with us, we invite you to explore cclgroup.com.
CC&L Financial Group is committed to creating a diverse and inclusive environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to gender, ethnicity, religion, sexual orientation or expression, disability, or age.
Your application will be reviewed by a member of the hiring team - AI is not used in the screening, assessment or selection of applications at this time.
