Manager - Information Security (Governance, Risk and Compliance)

About the Team

At Navi, the InfoSec team safeguards our digital ecosystem - ensuring the confidentiality, integrity, and availability of critical systems and data. We lead the charge on cyber risk management, regulatory compliance, and data protection, while championing a security-first culture across all teams.

Our mission : Protect what powers Navi - securely, compliantly, and confidently.

About the Role

Navi is looking for an Associate Manager II – Information Security to pilot key aspects of its group-wide information security and regulatory compliance program. This role involves interpreting and implementing information security and technology risks mandates from regulators such as RBI, IRDAI, SEBI, and NPCI, ensuring continuous tech compliance across all business units. You will collaborate closely with engineering, infrastructure, legal, and IT teams to establish and maintain robust security policies, frameworks, and controls. Additionally, the role includes conducting risk assessments, enabling audit readiness, managing third-party / vendor security audits, and driving awareness initiatives across the organization, while also representing Navi in internal and external forums when needed.

What We Expect From You

As Navi operates in the regulatory space, this role requires interpreting and helping implement regulations related to cyber security by Reserve Bank of India (RBI), IRDAI and SEBI, as well as any other applicable regulatory guidance related to the service offerings issued by relevant institutions.

Further to the point above, ensure on-going monitoring and tech-compliance with existing regulatory expectations across these dimensions

Lead the Information security - GRC practice for Navi group level.

Ensuring that information security principles, policies, frameworks, standards and controls are defined, implemented and managed effectively.

Partner and collaborate extensively with cross-functional teams, such as Engineering, Infrastructure, IT, Legal, and help minimize information security risks

Architect and deliberate on the solutions that are compliant with relevant regulatory cybersecurity requirements

Conduct and review results of Technology Risk Assessment, recommending mitigation strategies to bring the Risk to appropriate levels Nav is looking for a Senior Manager Information Security (GRC) to be part of the information security

Ensure readiness of the organization for internal and external audits by keeping all documents, evidences, ready

If required, represent Navi in Board and Board Committee meetings, as well as in discussions with regulators

Conduct Security awareness programs, train personnel on data security & privacy related processes and responsibilities

Review / conduct Third Party Risk Assessments & Vendor assessments before onboarding

Review security solutions / controls implemented by Tech / Engineering teams, controls at data center,

cyber / information security incidents, IT BCP and DR drills, cloud security controls

Identify and define Security KPIs including weekly, monthly reports and update Security Dashboards

Must Haves

Minimum 7 + years of experience working in information security GRC

Prior experience in the Fintech / Startup industry and knowledge of one of the regulatory compliances like PCI DSS, RBI Master Directives, IRDA, SEBI cyber security guideline is preferred.

Hands-on approach in solving complex security problems

Experience with Information Security & Risk Management frameworks like ISO27001, NIST SP 800-37, etc Cyber Kill Chain, MITRE ATT&CK, or other relevant frameworks

Working knowledge of Cloud environments like AWS, GCP, Oracle cloud is beneficial

Exposure to Agile methodologies, DevOps, Cloud technologies is beneficial

Soft Skills

Ability to multitask and meet deadlines, and to prioritize in a highly dynamic work environment

Ability to balance risk, potential impact, resourcing, business drivers, and timelines

Excellent verbal and written communication skills

Strong Product Thinking

Strong problem solving

Business acumen

Technology grounding

Strategic thinking

Strong written and verbal communication skills with a talent for articulating.

Inside Navi

We are shaping the future of financial services for a billion Indians through products that are simple, accessible, and affordable. From Personal & Home Loans to UPI, Insurance, Mutual Funds, and Gold - we’re building tech-first solutions that work at scale, with a strong customer-first approach.

Founded by Sachin Bansal & Ankit Agarwal in 2018, we are one of India’s fastest-growing financial services organisations. But we’re just getting started!

Our Culture

The Navi DNA

Ambition. Perseverance. Self-awareness. Ownership. Integrity.

We’re looking for people who dream big when it comes to innovation. At Navi, you’ll be empowered with the right mechanisms to work in a dynamic team that builds and improves innovative solutions. If you’re driven to deliver real value to customers, no matter the challenge, this is the place for you.

We chase excellence by uplifting each other and that starts with every one of us.

Why You'll Thrive at Navi

At Navi, it’s about how you think, build, and grow. You’ll thrive here if :

You’re impact-driven : You take ownership, build boldly, and care about making a real difference.

You strive for excellence : Good isn’t good enough. You bring focus, precision, and a passion for quality.

You embrace change : You adapt quickly, move fast, and always put the customer first.