IT Security and Governance Lead

The IT Security & Governance Lead will be BHIVE Group's dedicated security and

governance role, reporting directly to the SVP – IT.

This is a senior contributor role that combines strategic governance ownership with hands-on

technical execution. The incumbent will be responsible for designing, implementing, and

operationalising BHIVE's end-to-end cybersecurity posture — spanning workplace platforms,

endpoints, network infrastructure, cloud environments, and emerging technology adoption.

Beyond technical controls, this role is central to BHIVE's regulatory readiness (DPDP Act,

CERT-In), AI governance, and the formulation of policies, SOPs, and documentation that

embed security into every layer of the organisation. The right person will be equally comfortable

writing a security policy, leading an incident response, presenting a risk register.

1)Workplace Platform & Email Security

• Secure and govern the Microsoft 365 environment — including identity protection, MFA

enforcement, Conditional Access, and Microsoft Defender suite administration.

• Own email security governance and share point governance, ensuring robust data protection and

domain integrity across all BHIVE platforms.

2) Cybersecurity Governance, Policy & Compliance

• Build and maintain BHIVE's cybersecurity governance framework — policies, risk registers, SOPs,

and control documentation — aligned to ISO 27001 & NIST obligations.

• Lead the organisation's DPDP Act compliance programme, conduct periodic security posture

assessments, and present prioritised remediation roadmaps.

3)Network & Infrastructure Security

• Embed security principles into network design and architecture reviews — covering segmentation,

zero-trust, firewall governance, and secure remote access.

• Own vulnerability management from scanning through remediation, ensuring continuous coverage

across all network-connected assets and cloud workloads.

4)Endpoint, MDM & Detection Controls

• Evaluate, deploy, and manage MDM and EDR/XDR solutions; enforce endpoint hardening

baselines and DLP controls across corporate and BYOD devices.

• Maintain end-to-end threat visibility — tuning detection rules, triaging alerts, and driving timely

response across all endpoint environments.

5)Vendor, Software & Third-Party Governance

• Own third-party and vendor access governance — risk assessments, JIT access controls, SaaS

subscription management, and shadow IT mitigation.

• Collaborate with procurement and legal on security requirements in vendor contracts, and govern

ERP access controls and audit trail configuration.

6) AI Governance & Emerging Technology

• Develop and operationalise BHIVE's AI Governance Policy, defining acceptable use, data handling

guardrails, and risk controls for tools such as Microsoft Copilot ,ChatGPT,Claude etc.

• Monitor the evolving regulatory and threat landscape (DPDP, CERT-In, RBI guidelines) and brief

on implications for BHIVE's security posture.

7)Security Awareness & Incident Response

• Run the organisation-wide security awareness programme — phishing simulations, role-based

training to build a security-first culture.

• Own the Incident Response Plan; coordinate incident response, and deliver regular security

dashboards and risk reports to the SVP-IT.

Required Qualifications

Education Bachelor's degree in Computer Science, Information Technology,

Engineering, or a related technical field. Master's degree or MBA

(IT/Systems) is an advantage.

Experience 8 – 12 years of overall IT/Security experience with a minimum of 4 –

6 years in a dedicated cybersecurity, governance, or infrastructure

security role