Job Description

Job Title: GRC Deputy Manager – Information Security & Data Privacy
Location: Chennai
Experience: 4+ Years
Notice Period: Immediate to 30 days preferred
Employment Type: Full-time
Role Overview
We are seeking a GRC Deputy Manager with strong hands-on experience in Governance, Risk & Compliance (GRC), Information Security, and Data Privacy. The role involves supporting enterprise-wide security governance programs, conducting risk assessments, ensuring regulatory compliance, and driving data privacy initiatives across business and technology teams.
Key Responsibilities
Governance, Risk & Compliance (GRC)
- Support development and maintenance of information security governance frameworks, policies, and standards
- Conduct IT, cyber, and third-party risk assessments and track remediation actions
- Assist in enterprise risk registers, KRIs, and risk reporting to senior stakeholders
- Support internal audits, external audits, and regulatory assessments
Information Security
- Implement and monitor ISMS controls aligned to ISO 27001 and industry best practices
- Support security risk assessments across applications, infrastructure, cloud, and third parties
- Work closely with IT, security, and business teams to address control gaps
- Track security incidents, risk exceptions, and corrective action plans
Data Privacy & Regulatory Compliance
- Support data privacy programs aligned with GDPR, DPDP Act, and global privacy regulations
- Assist in DPIAs, RoPA documentation, and data classification exercises
- Review privacy clauses, vendor contracts, and data sharing agreements
- Support privacy audits and regulatory compliance reporting
Stakeholder & Program Support
- Coordinate with cross-functional teams including IT, Legal, Compliance, and Business units
- Prepare management dashboards, compliance metrics, and audit reports
- Support awareness and training programs on information security and data privacy
Required Skills & Experience
- 4+ years of experience in GRC, Information Security, and Data Privacy
- Strong understanding of:
  - GRC frameworks and risk management methodologies
  - ISO 27001 / ISMS controls
  - Data privacy regulations (GDPR, DPDP Act, etc.)
- Experience in risk assessments, audits, and compliance reporting
- Exposure to third-party/vendor risk management is a plus
- Strong documentation, communication, and stakeholder management skills
Preferred Qualifications
- Certifications such as ISO 27001 LA/LI, CISA, CISM, CISSP, or privacy certifications (CDPSE / CIPM / CIPP) are a plus
- Experience working in consulting, BFSI, IT services, or GCC environments preferred
