Information Security Specialist

Job Description

About the Role Join Policybazaar’s Infosec team as an Assistant Manager or Deputy Manager in Governance, Risk & Compliance. You’ll lead the Infosec GRC function, ensure strong security posture, and drive key strategic security initiatives. 🛠️ Key Responsibilities Team Leadership & Governance Lead and manage day-to-day operations of the Infosec GRC team. Develop, review, and optimise Infosec policies, standards, and procedures Risk & Compliance Oversight Conduct regular risk assessments, internal audits, and control reviews. Manage compliance with ISO 27001 and other applicable standards TPRM (Third‑Party Risk Management) Establish and run vendor risk assessment programs, including questionnaires, evidence analysis, and remediation tracking Zero‑Trust & AIMS Implementation Drive zero‑trust architecture principles (least privilege, continuous verification) Oversee deployment of AIMS (Access Identity Management Systems) to enhance IAM controls. Audit & Certification Management Prepare and support internal/external audits. Manage evidence collection and remediation plans Maintain compliance frameworks and certifications (e.g., ISO 27001). Reporting & Awareness Produce governance, risk, and compliance dashboards for senior leadership. Deliver security awareness campaigns, training sessions, and workshops . 🎯 Qualifications & Experience 5–6 years in Information Security, with strong exposure to GRC and Infosec compliance. Solid knowledge of security standards and regulations Hands‑on experience with third-party risk management, IAM platforms, and zero‑trust designs. Proven track record managing Infosec programs, audits, and compliance initiatives. Excellent communication skills—able to explain security concepts to both technical and non‑technical stakeholders. Certifications like CISM, CISA, CISSP, ISO 27001 Lead Implementer/Auditor are highly desirable. 🎓 Nice-to-Haves Familiarity with implementing zero‑trust frameworks (micro‑segmentation, continuous authentication). Experience deploying AIMS, evaluating vendors, or managing capability maturity models. Prior involvement in maintaining cross-organization certifications or managing regulatory exams. 📌 Why Join Us? Lead and shape core security initiatives at India’s leading digital financial services platform. Opportunity to build and manage a high-impact team. Competitive compensation within the top quartile for Infosec GRC roles in Gurgaon.