Talent.com
Manager Infosec GRC

Confidential, Mumbai, India
12 days ago
Job description

Department : Information Security

Location : Mumbai

Reports to : IS GRC Head

Employment Type : Full-time

Job Purpose :

This role is responsible for driving the organization's Information Security Governance, Risk, and Compliance (GRC) function in line with industry standards (ISO 27001, NIST CSF) and regulatory requirements. The candidate will lead internal audits, vendor risk governance, SOC 2 readiness, automation initiatives, client assessments, and security awareness across the enterprise, while managing a team of security professionals.

Key Responsibilities :

Governance, Risk & Compliance

  • Implement and maintain a scalable Information Security GRC framework based on ISO 27001, NIST Cybersecurity Framework, and applicable regulatory requirements (RBI, SEBI, IRDAI, DPDPA).
  • Manage the information security policy lifecycle, risk registers, and control objectives across business units.
  • Lead the exception management process, including impact assessments, approval workflows, and periodic reviews.

Internal Audit & Control Testing

  • Plan and execute periodic internal audits, control design evaluations, and operational effectiveness testing for IT and cybersecurity controls.
  • Coordinate external assessments, including SOC 2 readiness, ISO 27001 surveillance audits, and customer / compliance audits.
  • Track and close audit findings with clear ownership, root cause analysis, and sustainable remediation plans.

Vendor Risk Management (End-to-End)

  • Oversee the Third-Party Risk Management (TPRM) lifecycle : onboarding, risk assessment, security clauses, ongoing monitoring, and exit governance.
  • Drive continuous oversight of critical vendors based on data exposure and service criticality, using automated tools where feasible.

Automation & Tooling

  • Identify manual GRC activities suitable for automation; perform POCs, evaluate tools, and drive implementation.
  • Lead automation initiatives for risk assessments, control testing, evidence gathering, and exception workflows.

SOC 2 & Compliance Readiness

  • Lead organizational readiness for SOC 2 Type 1 and Type 2 audits, working with Business SPOCs, application owners, and control owners.
  • Align existing practices to SOC trust service criteria (Security, Availability, Confidentiality).

Security Training & Awareness

  • Develop and deliver cybersecurity training and awareness programs tailored to various stakeholder groups (employees, management, vendors).
  • Promote a risk-aware culture and drive ongoing compliance awareness campaigns.

Incident Response Oversight

  • Support and enhance the incident response governance process by aligning it with the NIST CSF.
  • Ensure roles, responsibilities, and reporting mechanisms are clearly defined and followed during incidents.
  • Oversee the documentation of lessons learned, RCA, and incorporation of incidents into risk registers.

Reporting & Stakeholder Engagement

  • Prepare and present dashboards, heatmaps, and reports for executive management, audit committees, and the board.
  • Maintain governance KRIs and provide insights into risk trends, audit closures, and compliance status.
  • Serve as a key liaison during client assessments, RFP security responses, and due diligence efforts.

Team Leadership

  • Manage, mentor, and upskill a team of GRC analysts and specialists.
  • Allocate responsibilities, track performance, and foster collaboration across IT, Legal, Procurement, and Business teams.

Key Requirements :

Qualifications :

  • Bachelor's / Master's in Information Security, Computer Science, or related field.
  • Professional certifications preferred : CISA, CRISC, ISO 27001 LA, CISSP, CCSK, or equivalent.

Experience :

  • 8+ years of experience in Information Security GRC, IT Risk, and Regulatory Compliance.
  • Strong expertise in internal audits, control testing, and vendor security governance.
  • Hands-on experience in managing SOC 2, ISO 27001, or similar frameworks.
  • Demonstrated leadership in team management and multi-stakeholder coordination.
  • Exposure to automating GRC functions using platforms like ServiceNow GRC, Archer, OneTrust, or similar.

Skills & Competencies :

  • Strong analytical, documentation, and reporting skills.
  • Effective communication across technical and business audiences.
  • High level of integrity, ownership, and stakeholder management.

Skills Required

ISO 27001, Archer