Job Description

Role Overview

The Infosec Officer will be responsible for designing, implementing, and enforcing the organization's information security policies and practices in alignment with

GDPR, DPDP, SOC, and other regulatory and client compliance expectations

. The role will lead security governance, risk management, auditing, incident response, and security awareness across the organization.

Key Responsibilities

Develop, implement, and maintain

Security Policies, SOPs, and compliance documentation

. Conduct

risk assessments, vulnerability analysis, and security audits

across products, infrastructure, and vendors. Drive

GDPR and DPDP compliance

, privacy controls, data classification, access governance, and retention policies. Monitor and improve

encryption, MFA, DRP/BCP, penetration testing, access control matrix, and log monitoring practices

. Oversee

Incident Response Plan

--investigation, root cause analysis, mitigation, and reporting. Conduct

security awareness training

for all employees--email hygiene, password hygiene, data handling, phishing, device usage. Support

client security questionnaires, RFPs, due diligence reviews

, and ensure timely and accurate compliance responses. Manage

security vendors

for penetration testing, secure hosting, DR, endpoint security, etc. Ensure regular

backup validation, patching, privilege reviews, and infrastructure hardening

. Collaborate with Product, DevOps, HR, and Accounts to ensure

security by design and zero-trust practices

.

Qualifications & Skills

Bachelor's degree in Information Security / Computer Science or equivalent.

2-5 years of experience

in cybersecurity, infosec, risk management, or compliance. Knowledge of

GDPR, DPDP Act, ISO 27001, SOC 2, and cloud security (AWS/GCP/Azure)

. Hands-on experience in

Password policy management, network security, SIEM tools, endpoint security, access controls

. Strong analytical, documentation, and root cause problem-solving skills. Define organisation security process. Certifications preferred but not mandatory (CEH, ISO 27001 Lead Implementer/Lead Auditor, CompTIA Security+)

Key Attributes

High attention to detail and accountability. Ability to enforce policies with clarity and firmness. Strong communication skills for internal training and client-facing compliance discussions. Proactive and self-driven with the ability to foresee risks before escalation.
Job Types: Full-time, Permanent

Pay: ?600,000.00 - ?800,000.00 per year

Benefits:

Paid sick time Paid time off Provident Fund
Application Question(s):

Total Experience Current CTC Expected CTC
Work Location: In person