Apraava - Cyber Security Compliance Specialist

Company Description

Apraava Energy is India's leading integrated energy solutions provider, headquartered in Mumbai, and is jointly owned by the CLP Group and La Caisse, a global investment group. Since its inception in 2002, the company has grown into a forward-thinking, climate-conscious organization, operating across 13 states in India, with a portfolio of 3.4 GW of installed capacity. Apraava is committed to sustainable, low-carbon growth and has invested in renewable energy, power transmission, and advanced metering infrastructure projects across the nation. Recognized for its culture of trust and excellence, Apraava is certified as a Great Place To Work (Dec 2024 Dec 2025) and was featured among the Top LinkedIn Companies in India in 2024.

Role Description

The Compliance Manager (Cybersecurity) will be responsible for ensuring organizational adherence to cybersecurity, data protection, and regulatory standards. This role involves leading audits, implementing compliance frameworks, managing documentation, and acting as a bridge between internal teams and external auditors/regulators. The manager will play a critical role in safeguarding information assets, maintaining certifications, and driving a culture of compliance across the enterprise.

Key Responsibilities

• Lead and implement cybersecurity compliance audits across regulatory and industry frameworks.
• Ensure compliance with ISO 27001:2022, GDPR, DPDP Act, and CEA guidelines.
• Develop, maintain, and monitor Information Security Management Systems (ISMS).
• Drive ISO certification and implementation projects, ensuring audit readiness.
• Conduct risk assessments, gap analyses, and internal audits to identify compliance weaknesses.
• Collaborate with cross-functional teams to embed compliance requirements into business processes.
• Prepare and present audit reports, compliance dashboards, and regulatory documentation to senior management.
• Stay updated on evolving cybersecurity regulations, data protection laws, and industry best practices.
• Provide training and awareness programs to employees on compliance and data protection standards.
• Act as a liaison with external auditors, regulators, and certification bodies.

Relevant Experience & Expertise

^{Exceptionally good Communication & presentation skill both verbal & written.}

^{Good understanding of various IT functions & logical flair for technologies.}

^{Practical experience in leading and implementing cybersecurity compliance audits.}

^{Thorough knowledge of ISO 27001:2022, GDPR, DPDP Act, and CEA guidelines.}

^{Hands-on roles in auditing ISMS and implementing ISO or other compliance standards.}

^{Experience in end-to-end documentation management, including:}

^{Drafting and maintaining policies, SOP's}

^{Handling and mapping evidence for audits.}

^{Managing version control and compliance repositories.}

^{Strong background in policy creation, governance frameworks, and compliance mapping.}

^{Skilled in evidence handling, audit trails, and documentation for certification readiness.}

^{Experience with documentation management tools & Microsoft SharePoint will be a plus point.}

**Although the position is open for both Mumbai & Delhi locations.