  • Posted 20 hours ago

Job Description

Primary Responsibilities

  • Own and govern 24x7 Security Operations Center (SOC) services delivered by external vendors.
  • Define SOC operating model, SLAs, KPIs, escalation procedures, and reporting mechanisms.
  • Oversee monitoring, detection, triage, and response activities across endpoints, networks, servers, cloud, and applications.
  • Act as the primary point of contact for SOC vendors and security service providers.
  • Define and maintain security architecture standards aligned with NIST, ISO 27001, IRDAI, and BFSI best practices.
  • Establish baseline security controls across infrastructure (on-prem, cloud, network, endpoints).

Incident Response & Cyber Recovery

  • Lead and coordinate security incident response activities for high and critical incidents.
  • Act as a senior technical advisor during cyber incidents, including ransomware, phishing, malware, and data leakage events.
  • Ensure incident containment, eradication, recovery, root-cause analysis, and post-incident reviews.

Vulnerability & Risk Management

  • Oversee vulnerability management processes driven by vendors and internal teams.
  • Ensure infrastructure risk assessments are performed and remediated in a timely manner.
  • Track, prioritize, and report cyber risks to senior management and risk forums.
  • Produce meaningful metrics on vulnerabilities, threats, and remediation effectiveness.

Metrics, Reporting & Governance

  • Define security operations KPIs and KRIs for SOC, incidents, vulnerabilities, and recovery readiness.
  • Provide executive dashboards and quarterly reports on security posture to CIO, CISO, and senior leadership.
  • Support audits, regulatory assessments, and compliance reporting (IRDAI, ISO).

Secondary Responsibilities

Identity & Access Management (IAM)

  • Define and enforce MFA, RBAC, segregation of duties, and just-in-time / just-enough-access models.
  • Coordinate with IAM and PAM vendors (e.g., One Identity) for implementation and operations.

Security Awareness & Culture

  • Promote a strong security-aware culture within IT and across the organization.
  • Support security awareness and phishing simulation programs driven by internal teams or vendors.

Personal Data Discovery & Classification (DPDP-Tool Implementation)

  • Ensure tools and processes are implemented to discover, classify, and label personal and sensitive personal data across:
      • Core insurance applications
      • Document management systems
      • Email, endpoints, databases, and cloud storage (Azure)
  • Work with IT and vendors to implement data tagging and classification policies (PII, financial data, medical data).

More Info


Job ID: 145832173
