Information Security Governance, Risk & Compliance Manager Canfin Homes Limited

5.0 - 9.0 years

7 - 15 Lacs

Bengaluru

Work from Office

1. Responsible for Information Security (IS) Governance, risk management and compliance in the organization. 2. Develop and maintain documentation related to Information Security governance, risks, and audits in alignment with regulatory and compliance requirements. 3. Create, review, and update policies and standards to adapt to evolving organizational needs. 4. Assist in interpreting policies, standards, and guidelines to ensure consistency and regulatory compliance. 5. Monitor and enforce adherence to policies and Standard Operating Procedures (SOPs) across various internal functions. 6. Collaborate closely with the CISO, CRO, and key stakeholders in Risk, IT, and Inspection functions. 1. Develop and maintain documentation for IS governance, risk management, and audits in compliance with regulatory requirements. 2. Record management-level committee meetings and ensure timely tracking and closure of derived actions. 3. Provide guidance on designing and implementing security controls aligned with defined policies and standards. 4. Monitor and enforce adherence to policies and Standard Operating Procedures (SOPs) across IT functions. 5. Track, analyze, and assess requests for policy exceptions, supporting risk evaluation for deviations. 6. Contribute to the policy and standards process by incorporating information management controls and requirements. 1. 4-10 years of relevant work experience in Information Technology (IT) / (IS) Information Security Governance policies, standards, compliance or risk management functions. 2. Exposure to Information security management system (ISMS) Policies, Standards, Process documentation. 3. Experience in handling or conducting audits and ensure closure of observations within given timelines. 4. Monitoring and ensuring the policy / SOP adherence across different IT functions. 5. Recording and ensuring the actions derived are tracked and closed within the agreed timelines from the management committee meetings. 6. Good understanding of IT/IS & Cyber risks, risk management processes and associated reporting models. 7. Experience in third-party risk management frameworks and processes. 8. Industry level certifications: CISA/CISSP/ISO 27001 LA, ISO 27001 LI (Preferred). Preferred candidate profile

Posted 1 month ago

Apply

Start Your Job Search Today

Browse through a variety of job opportunities tailored to your skills and preferences. Filter by location, experience, salary, and more to find your perfect fit.