GRC/Compliance Executive

Description:

About Snapmint

Snapmint is a leading fintech company redefining access to consumer credit in India. With over 10 million customers across 2,200 cities, our zero-cost EMI platform enables responsible purchases without the need for a credit card across categories like fashion, electronics, and lifestyle. India has over 300 million credit-eligible consumers, yet fewer than 35 million actively use credit cards. Snapmint addresses this gap by offering a trusted, transparent alternative grounded in financial inclusion and ethical lending practices.

Founded in 2017, Snapmint is a profitable, high-growth company doubling year-on-year. Our founding team, alumni of IIT Bombay and ISB, brings deep experience from companies like Oyo, Swiggy,Maruti Suzuki, and has successfully built and exited ventures in ad-tech, patent analytics, and bank-tech.

We are building the future of responsible consumer finance, simple, transparent, and customer-first.

About the Role :

We are seeking a proactive and detail-oriented GRC (Governance, Risk & Compliance) Executive to strengthen our information security and regulatory compliance framework. The role involves maintaining ISO 27001 documentation, ensuring RBI and IT Act compliance, driving policies and SOP rollouts, and coordinating internal/external audits. This position is ideal for candidates with a strong understanding of information security and NBFC regulatory requirements, who can translate compliance frameworks into effective operational practices.

Key Responsibilities :

1. Information Security Governance (ISMS & Risk Management) :

- Maintain and update ISMS documentation, policies, and control procedures in alignment with ISO 27001.

- Maintain and track the risk register, ensure periodic risk reviews, and drive closure of risk mitigation actions.

- Support ISMS internal audits, external certification audits, and management reviews.

- Maintain evidence for controls such as access management, data classification, asset management, and vendor compliance.

2. Regulatory Compliance (RBI, IT Act, CERT-IN, etc.) :

- Track and ensure compliance with applicable RBI Master Directions, IT Act 2000, CERT-IN guidelines, and other NBFC-specific requirements.

- Support timely submission of compliance reports and maintain evidence for regulatory reviews.

- Monitor updates from regulators and translate them into actionable compliance steps for relevant teams.

- Maintain an up-to-date compliance calendar for RBI and information security obligations.

3. Policy and SOP Rollout :

- Draft, review, and standardize security and compliance policies, SOPs, and guidelines across departments.

- Drive policy rollout programs coordinate communication, acknowledgment tracking, and training for employees.

- Periodically review and update policies/SOPs to reflect regulatory or business changes.

- Support awareness initiatives to improve organization-wide adherence to policies and security practices.

4. Audit Coordination & Evidence Management :

- Prepare and organize audit artifacts for internal, external, IT, and ISO audits.

- Coordinate with stakeholders to close non-conformities and maintain audit trail documentation.

- Maintain an updated audit tracker for ongoing and completed activities.

Preferred Skills & Competencies :

- Understanding of ISO 27001 framework, risk management, and ISMS documentation.

- Familiarity with RBI Master Directions, CERT-IN, IT Act, and NBFC compliance landscape.

- Experience in drafting and rolling out policies and SOPs across functions.

- Strong Excel and documentation skills; ability to manage trackers, logs, and audit evidence.

- Excellent coordination, communication, and follow-up skills.

- Attention to detail, high integrity, and ownership mindset.

Education & Qualifications :

- Bachelors degree in information technology, Computer Science, or Commerce.

- Certifications (preferred but not mandatory) : ISO 27001 LA/LI, CISA, CRISC, or other information security/compliance credentials.

Why Join Us :

- Be part of a fast-growing NBFC with strong focus on governance, security, and regulatory excellence.

- Opportunity to work closely with leadership on RBI, IT Act, and ISO 27001 compliance programs.

- Build hands-on expertise in policy governance, audit management, and regulatory operations.