Startup Jobs
Post a Job
2070Health

IT Manager

New Delhi , India
full-time

AI overview

Manage and secure IT infrastructure while ensuring compliance with cybersecurity standards and providing support across multiple office locations.

About 2070Health

W Health has set up India’s first healthcare focused Venture Studio called  2070Health - an innovation platform that builds transformative healthcare companies from scratch by discovering disruptive opportunities in whitespaces. Distinct from the accelerator approach, our venture studio is closely involved in idea generation, day-to-day operations, and strategic decisions of growing the new business. Companies incubated in the last 24 months include Elevate NowNivaan Care, Reveal Healthtech , BabyMD and Everhope Oncology.

Role Overview

The IT Manager will be responsible for managing and securing the entire IT infrastructure of the organization, ensuring compliance with the Cybersecurity & Cyber Resilience Framework (CSCRF), and supporting employees across multiple office locations. This role covers IT operations, cybersecurity designing, implementation, asset management, networking, hardware/software lifecycle, vendor management, patching, backup, endpoint security, and user support.

The IT Manager will work on designing and implementation of all cybersecurity controls.

Key Responsibilities

1. IT Infrastructure & Operations

A. End-User & Hardware Management

  • Manage and support laptops, desktops, printers, peripherals for ~40 staff across multiple cities.
  • Enforce device hardening and security baselines (as per OS, endpoint, and network hardening policies).
  • Ensure secure device provisioning, configuration, updates, and decommissioning.

B. Network & Connectivity Management

  • Manage office networking setups across cities (LAN, WiFi, firewalls, switches, routers).
  • Ensure WPA3, VLAN segmentation, RBAC, and secure co-working network controls.
  • Maintain VPN access, MFA enforcement, bandwidth policies, and network monitoring.

C. SaaS & Application Support

  • Administer critical SaaS tools (email, collaboration tools, cloud storage, CRM, monitoring tools).
  • Manage access provisioning, de-provisioning, privilege controls, and license renewals.

2. Cybersecurity & CSCRF Compliance

A. Designing & Implementation of Cybersecurity Controls

  • Enforce all policies:
    • Risk management
    • Asset management
    • Authentication & authorization
    • Data protection & encryption
    • Network security
    • Patch management
    • Incident response
    • VAPT & vulnerability management
    • Third-party vendor security
    • Backup & disaster recovery

B. Identity & Access Management (IAM)

  • Apply least privilege and time-bound access principles.
  • Manage MFA for all critical systems and remote access points.
  • Review access logs and dormant accounts.

C. Incident Detection & Response

  • Monitor endpoint alerts, email security, network anomalies.
  • Log, escalate, and document security incidents as per incident management SOP.
  • Support forensic investigations, RCA, and SEBI reporting requirements.

D. Patch Management & Updates

  • Monitor OEM advisories, deploy updates as per severity timelines:
    • Critical: 7 days
    • High: 15 days
    • Medium/Low: 30 days
  • Maintain patch logs, testing records, and change control approvals.

E. Vulnerability Management

  • Coordinate VAPT activities with CERT-In empanelled auditors.
  • Track remediation progress and ensure revalidation. 

3. Asset Management & Documentation

A. IT Inventory Ownership

  • Maintain a detailed asset register for all hardware, software, and cloud resources.
  • Track asset lifecycle from purchase to disposal.
  • Validate annual inventories and reconcile with physical assets.

B. Software Compliance

  • Maintain SBOMs for critical systems (as mandated in policy).
  • Ensure only licensed and approved software is installed.
  • Prevent unauthorized devices or applications.

 

4. Data Protection, Backup & DR

  • Implement daily/weekly backups for critical data and server images.
  • Manage off-site/cloud backup storage.
  • Test restore procedures periodically to meet RPO/RTO targets.
  • Ensure encryption at rest and in transit for all sensitive data.

 

5. Vendor & Third-Party Management

  • Ensure all IT vendors adhere to cybersecurity requirements.
  • Manage NDAs, MSAs, SLAs, and third-party audit documentation.
  • Validate controls from co-working space providers (network segregation, CCTV access, etc.).
  • Perform quarterly vendor security reviews.

 

6. Support & Employee Training

  • Provide L1/L2 support for IT issues, outages, and hardware failures.
  • Conduct employee cybersecurity awareness training (phishing, data handling, passwords).

Ensure HODs and teams are aligned with acceptable use policy.

Requirements

Technical Skills

  • Strong knowledge of Windows/macOS administration
  • Office 365/Google Workspace administration
  • Endpoint security tools (AV/EDR)
  • VLAN, firewalls, VPNs, WiFi protocols, network segmentation
  • Backup/disaster recovery systems
  • Hands-on patching, asset management, logging, MFA
  • Experience with VAPT coordination & vulnerability remediation
  • Familiarity with SEBI cybersecurity requirements (preferred)

Experience

  • 4–8 years in IT administration or IT infrastructure roles
  • Multi-location IT operations experience
  • Experience working in regulated industries (preferred)

 Behavioral Competencies

  • High ownership and accountability
  • Strong documentation discipline
  • Ability to work independently across distributed teams
  • Proactive problem-solving and risk identification
  • Confidentiality and ethics benchmark
 2070Health
Website LinkedIn
View all jobs
Ace your job interview

Understand the required skills and qualifications, anticipate the questions you may be asked, and study well-prepared answers using our sample responses.

IT Manager Q&A's
Report this job
Apply for this job