Location Name: Pune Corporate Office - Mantri
Job Purpose
- Process Governance – Incident Mgmt, Change Mgmt, Backup Mgmt, Patch and SCD Management
- Ensure IAM process compliance with:
- RBI cybersecurity & IT control requirements
- ISO 27001 access control clauses
- Internal Information Security policies
- Compliance, Assurance & Risk Oversight
- Act as second line oversight for – Incident Mgmt, Change Mgmt, Backup Mgmt, Patch and SCD Management
- control effectiveness.
- Conduct:
o Periodic control self assessments
o Compliance validations
o Evidence checks and sampling
- Identify control gaps, policy deviations, and residual risks.
- Track remediation actions and verify closure with evidence.
- Regulatory, Audit & Inspection Readiness
- Serve as single point of accountability for Incident Mgmt, Change Mgmt, Backup Mgmt, Patch and SCD Management topics during:
o RBI / REBIT inspections
o Internal Audit
o External IS Audits (ISO 27001)
o Control matrices
o SOP adherence reports
o Evidence registers
o Management responses to audit observations
- Ensure zero recurrence of audit findings through root cause governance fixes.
- Policy, SOP & Control Framework Ownership
- Draft, review, and maintain:
o Policy & SOPs
- Ensure policies and SOPs are:
o Clearly owned
o Periodically reviewed
o Mapped to regulatory requirements
- Drive continuous improvement in governance maturity.
Duties And Responsibilities
A- Compliance, Assurance & Risk Oversight
B- Regulatory, Audit & Inspection Readiness
Major Challenges
- To identify all compliance requirements
- Ensure platform controls are aligned with regulatory requirements
Required Qualifications And Experience
- Qualifications
- Engineering / Computer Graduate with 10–14 years of total experience
- 5+ years in IT Security Assessment, Assurance, Risk, or Audit roles
- Prior experience in regulated BFSI environments strongly preferred
- Relevant Certifications like CISA/ISO 27001 LA
- Work Experience
- Strong experience in IT Governance / IT Compliance / IT Risk / GRC
- Deep understanding of Incident Mgmt, Change Mgmt, Backup Mgmt, Patch and SCD Management
- Hands on exposure to RBI regulated BFSI environments
- Excellent documentation, evidence validation, and reporting skills
- Proven experience handling RBI / REBIT / ISO audits
- Strong control assessment and documentation skills
- Excellent analytical, reporting, and stakeholder communication skills
- Good to Have
- Exposure to Upper Tier NBFC / Banking / Financial Services
- Familiarity with ServiceNow GRC / IRM
- Good Written and Verbal Communication with Presentation Skills
