
Godrej Industries Group

Manager - Information Security Compliance & Governance

  • Posted 4 hours ago

Job Description


Godrej Industries Group

At the Godrej Industries Group, we are privileged to serve over 1.1 billion consumers globally through our businesses with market leadership positions in the consumer products, real estate, agriculture, financial services and chemicals industries.

https://www.godrejindustries.com/

About Corporate IT Function

The Corporate IT Function serves as a pivotal hub for technological advancement within the Godrej Group. It functions as a strategic partner, adeptly integrating technology with core business objectives to drive innovation and efficiency. Its core objective is to architect proactive technological solutions that align with and enhance our overarching business strategies.

The Corporate IT team boasts a proven track record in managing GIG-wide Global IT Infrastructure and Cybersecurity: overseeing enterprise data centers and Cloud Infrastructure, implementing robust Disaster Recovery protocols, establishing an expansive Global Network Infrastructure, managing a vigilant Security Operations Center, and delivering efficient End User Support. Their expertise extends to orchestrating IT Service Operations with precision and efficiency. Beyond day-to-day operations, this team plays a pivotal role in formulating and implementing Group policies, refining processes, and setting guiding principles. As custodians of Core IT Infrastructure, they ensure robust Cybersecurity defenses, manage the Network, facilitate End User Operations, and drive the strategic development of our Cloud Infrastructure.

Key Responsibilities

  • ISMS Governance & Framework Management
      • Own the sustenance and continual improvement of the ISMS aligned to ISO 27001 and NIST CSF.
      • Lead policy, standard, and procedure lifecycle management (drafting, review, approvals, periodic updates).
      • Drive ISMS lifecycle activities including risk assessments, SoA reviews, corrective action management, and management reviews.
      • Define, monitor, and report ISMS KPIs, KRIs, and control effectiveness metrics.
  • Information Security Risk Management
      • Own identification, assessment, tracking, and reporting of information security risks.
      • Guide business and IT teams in executing risk treatment and mitigation plans.
      • Lead periodic enterprise risk assessments, threat reviews, and control validation exercises.
  • Third Party Information Security Risk
      • Own vendor information security risk governance and assessments.
      • Review vendor risk ratings, gap remediation, and closure status.
      • Coordinate with IT, Legal, Procurement, and Business Units to enforce security requirements.
  • Audit, Compliance & Regulatory Management (ISMS)
      • Lead internal and external ISO 27001 / Stat Audits / ITGC Audits end‑to‑end.
      • Drive timely closure of audit observations and non‑conformances with clear ownership.
      • Maintain ISMS documentation, audit trails, evidence, and audit readiness across business units.
  • Data Privacy Governance & DPDP Compliance
      • Own organization‑wide Data Privacy governance framework aligned to DPDP Act & ISO 27701.
      • Ensure implementation and sustenance of privacy policies, notices, and internal guidelines.
      • Act as primary liaison with Legal and Business teams on privacy compliance matters.
  • Privacy Risk, Assessments & Third‑Party Privacy
      • Lead privacy risk assessments, DPIAs, and data flow reviews across business units.
      • Oversee privacy due diligence of vendors handling personal data.
      • Track remediation of privacy risks and contractual privacy obligations.
  • Information Security & Data Privacy Awareness and Culture
      • Own the organization‑wide Information Security and Data Privacy awareness strategy, with a strong focus on building a sustainable security‑ and privacy‑first culture.
      • Design and drive integrated awareness programs covering information security, privacy (DPDP), acceptable use, data handling, and cyber hygiene, aligned to business risk priorities.
      • Move beyond compliance training to behavioral change, embedding security and privacy considerations into everyday decision‑making and business processes.
      • Lead enterprise initiatives such as phishing simulations, targeted campaigns, leadership messaging, policy awareness, and risk‑based communications.
      • Act as a custodian of security and privacy culture, influencing leadership and employees to treat information protection as a shared responsibility.
  • Reporting, Automation & Leadership Engagement
      • Own ISMS and Privacy dashboards for leadership and governance forums.
      • Track VA/PT findings and closure status.
      • Identify and drive automation opportunities across GRC, access reviews, evidence collection, vendor assessments, and reporting.
      • Lead governance review meetings, track action items, and drive accountability.

Work Experience

8–10 years

Benefits

Be an equal parent



Childcare benefits for the birthing parent, commissioning parent (in case of surrogacy) or adoptive parent, and their partners

  • 6 months of paid leave for primary caregivers, flexible work options on return for primary caregivers
  • 2 months paid leave for secondary caregivers
  • Caregiver travel for primary caregivers to bring a caregiver and children under a year old, on work travel

Coverage for childbirth and fertility treatment

No place for discrimination at Godrej

Gender-neutral anti-harassment policy

Same sex partner benefits at par with married spouses

Coverage for gender reassignment surgery and hormone replacement therapy

Community partnerships and advocacy

Persons with Disability (PwD) care

We Are Selfish About Your Wellness

Comprehensive health insurance plans, as well as accident coverage for you and your family, with top-up options

Elder care for those who might need to extend support to senior family members

Preventative healthcare support

Outpatient Department (OPD) coverage, including vaccinations, dental, vision, etc.

Uncapped sick leave

Flexible work options, including remote working and part-time work

Mental wellness and self-care programmes, resources and counselling

Celebrating wins, the Godrej Way

Structured recognition platforms for individual, team and business-level achievements

Digital and offline instant recognition platforms

An inclusive Godrej

Before you go, there is something important we want to highlight. There is no place for discrimination at Godrej. Diversity is the philosophy of who we are as a company. And it has been over a century. It's not just in our DNA and nice to do. Being more diverse - especially having our team members reflect the diversity of our businesses and communities - helps us innovate better and grow faster. We hope this resonates with you.

We take pride in being an equal opportunities employer. We recognise merit and encourage diversity. We do not tolerate any form of discrimination on the basis of nationality, race, colour, religion, caste, gender identity or expression, sexual orientation, disability, age, or marital status and ensure equal opportunities for all our team members.

If this sounds like a role for you, apply now!

We look forward to meeting you.

More Info


Job ID: 146062573
