National E-Governance Division

Security & GRC Lead

10-14 Years

Job Description

Role: Security & GRC Lead

Experience: 10–14 years

Location: New Delhi (on-site)

About the Role

SIDH handles Aadhaar-linked identity, financial disbursements, learner PII, and certification data across national schemes. As of January 2026, it has zero CISO coverage, no GRC framework, and several procured security tools (Varonis, Cymulate, OPSWAT) that are not yet deployed. This is one of the most urgent hires in the PMU.

Key Responsibilities

  • Establish the platform security governance framework, cyber risk register, policy baseline, and security architecture review process
  • Own privacy and compliance leadership for DPDP Act controls — acting as the Data Protection Officer-equivalent function
  • Lead rollout governance for procured-but-undeployed tools: Varonis (DSPM), Cymulate (BAS), and OPSWAT (DAP/CIP)
  • Govern VAPT, application security testing, vulnerability management, and remediation tracking across all vendors
  • Drive zero-trust, access control, data classification, and secure third-party access frameworks
  • Coordinate with CERT-In, auditors, ministries, and vendors on incidents, compliance, and assurance
  • Define security architecture sign-off requirements for integrations, APIs, identity flows, cloud controls, and new services
  • Activate WAF from monitoring-only to enforcement mode; drive closure of all AS-IS security gaps

What We Are Looking For

  • Strong experience in security architecture, governance, risk, and compliance for environments handling sensitive PII at scale — payments, health data, or govtech
  • This is NOT a policy-only role — must have hands-on security architecture experience
  • Knowledge of DPDP Act obligations (Rules notified January 2025), CERT-In guidelines, and zero-trust principles
  • Ability to lead governance without needing to be the SOC operator or penetration tester

Good to Have

  • CISSP, CISM, or equivalent certification
  • ISO 27001 implementation experience in a complex, multi-vendor environment
  • Prior experience in public-sector or regulated programmes with Aadhaar, financial, or national-scale PII exposure

More Info

Job ID: 147485939