Chief Manager - Information Security GRC Specialist

Chief Manager Information Security GRC Specialist

Location : Gurugram

Experience : 8-14 Years

We are looking for an experienced Information Security GRC (L3) professional with a strong background in Indian Banking or Fintech industry to join one of Indias leading Payments Bank & Fintech organizations.

The role requires deep expertise in governance, risk & compliance (GRC), strong understanding of Indian regulatory frameworks (RBI, CERT-IN, IRDAI, etc.), and the ability to manage control testing, vendor risk, and InfoSec projects end-to-end.

Key Responsibilities

• Compliance & Standards : Ensure adherence to ISO 27001, ISO 22301, ITGC and other global security standards through compliance assessments and control testing.
• Regulatory Compliance : Drive compliance with Indian regulatory requirements (RBI, CERT-IN, IRDAI, Aadhaar-related guidelines, etc.) and prepare timely reports.
• Third-Party Risk Management : Conduct vendor risk assessments to minimize security risks from third-party engagements.
• Training & Awareness : Implement employee training programs on Information Security, including Aadhaar and data privacy compliance.
• Security KPIs & KRIs : Define, monitor, and report KPIs / KRIs for ongoing security and compliance improvements.
• Technology Understanding : Working knowledge of Firewalls, IDS, DDoS protection, SIEM tools, and other InfoSec technologies.
• Project Management : Lead compliance and security projects, ensuring timely delivery and effective communication with stakeholders and senior management.
• Audit & Documentation : Manage audits, documentation, and dashboards to support compliance and risk visibility.

Desired Skills & Experience :

(ref : iimjobs.com)