Manager - Information Security (Governance, Risk and Compliance)

About the TeamAt Navi, the InfoSec team safeguards our digital ecosystem - ensuring the confidentiality, integrity, and availability of critical systems and data. We lead the charge on cyber risk management, regulatory compliance, and data protection, while championing a security-first culture across all teams.Our mission: Protect what powers Navi - securely, compliantly, and confidently.About the RoleNavi is looking for an Associate Manager II – Information Security to pilot key aspects of its group-wide information security and regulatory compliance program. This role involves interpreting and implementing information security and technology risks mandates from regulators such as RBI, IRDAI, SEBI, and NPCI, ensuring continuous tech compliance across all business units. You will collaborate closely with engineering, infrastructure, legal, and IT teams to establish and maintain robust security policies, frameworks, and controls. Additionally, the role includes conducting risk assessments, enabling audit readiness, managing third-party/vendor security audits, and driving awareness initiatives across the organization, while also representing Navi in internal and external forums when needed.What We Expect From YouAs Navi operates in the regulatory space, this role requires interpreting and helping implement regulations related to cyber security by Reserve Bank of India (RBI), IRDAI and SEBI, as well as any other applicable regulatory guidance related to the service offerings issued by relevant institutions.Further to the point above, ensure on-going monitoring and tech-compliance with existing regulatory expectations across these dimensionsLead the Information security - GRC practice for Navi group level.Ensuring that information security principles, policies, frameworks, standards and controls are defined, implemented and managed effectively.Partner and collaborate extensively with cross-functional teams, such as Engineering, Infrastructure, IT, Legal, and help minimize information security risksArchitect and deliberate on the solutions that are compliant with relevant regulatory cybersecurity requirementsConduct and review results of Technology Risk Assessment, recommending mitigation strategies to bring the Risk to appropriate levels Nav is looking for a Senior Manager Information Security (GRC) to be part of the information securityEnsure readiness of the organization for internal and external audits by keeping all documents, evidences, readyIf required, represent Navi in Board and Board Committee meetings, as well as in discussions with regulatorsConduct Security awareness programs, train personnel on data security & privacy related processes and responsibilitiesReview / conduct Third Party Risk Assessments & Vendor assessments before onboardingReview security solutions / controls implemented by Tech / Engineering teams, controls at data center,cyber / information security incidents, IT BCP and DR drills, cloud security controlsIdentify and define Security KPIs including weekly, monthly reports and update Security DashboardsMust HavesMinimum 7 + years of experience working in information security GRCPrior experience in the Fintech/Startup industry and knowledge of one of the regulatory compliances like PCI DSS, RBI Master Directives, IRDA, SEBI cyber security guideline is preferred.Hands-on approach in solving complex security problemsExperience with Information Security & Risk Management frameworks like ISO27001, NIST SP 800-37, etc Cyber Kill Chain, MITRE ATT&CK, or other relevant frameworksWorking knowledge of Cloud environments like AWS, GCP, Oracle cloud is beneficialExposure to Agile methodologies, DevOps, Cloud technologies is beneficialSoft SkillsAbility to multitask and meet deadlines, and to prioritize in a highly dynamic work environmentAbility to balance risk, potential impact, resourcing, business drivers, and timelinesExcellent verbal and written communication skillsStrong Product ThinkingStrong problem solvingBusiness acumenTechnology groundingStrategic thinkingStrong written and verbal communication skills with a talent for articulating.Inside NaviWe are shaping the future of financial services for a billion Indians through products that are simple, accessible, and affordable. From Personal & Home Loans to UPI, Insurance, Mutual Funds, and Gold - we’re building tech-first solutions that work at scale, with a strong customer-first approach.Founded by Sachin Bansal & Ankit Agarwal in 2018, we are one of India’s fastest-growing financial services organisations. But we’re just getting startedOur CultureThe Navi DNAAmbition. Perseverance. Self-awareness. Ownership. Integrity.We’re looking for people who dream big when it comes to innovation. At Navi, you’ll be empowered with the right mechanisms to work in a dynamic team that builds and improves innovative solutions. If you’re driven to deliver real value to customers, no matter the challenge, this is the place for you.We chase excellence by uplifting each other and that starts with every one of us.Why You'll Thrive at NaviAt Navi, it’s about how you think, build, and grow. You’ll thrive here if:You’re impact-driven : You take ownership, build boldly, and care about making a real difference.You strive for excellence : Good isn’t good enough. You bring focus, precision, and a passion for quality.You embrace change : You adapt quickly, move fast, and always put the customer first.