AssetPlus - Compliance & Information Security Specialist

Job Summary:

We are seeking an experienced Information Security Officer to lead and manage our organization's information security and data compliance functions. The Individual will be central in ensuring data integrity, regulatory compliance, and enterprise-wide security across all business functions.

Key Responsibilities:

Regulatory & Technical Expertise :

- Maintain deep understanding of key regulations: DPDP Act, IT Act, SEBI, KRA, IRDAI and ISO 27001.

- Oversee data classification and handling protocols for sensitive information (e.g., KYC, Aadhaar, financial records)

- Evaluate third-party risk and data flow responsibilities (data controllers/processors).

- Monitor internal systems for vulnerabilities and drive breach incident response processes.

- Stay current with evolving legal and cybersecurity threats impacting the organization.

Security Architecture & Enforcement :

- Design and implement access controls, credential management and 2FA protocols.

- Enforce device and network security: MDM solutions, VPN-only access, USB and domain restrictions.

- Ensure full auditing capability (Authentication, Authorization, Accounting) to detect anomalies and trace incidents.

Governance & Accountability:

- Set and enforce data security and compliance policies across all departments.

- Act as the final authority on security decisions, especially during escalations and breaches.

- Conduct regular employee training, certification, and ensure adherence to a security code of conduct

Qualifications & Skills:

- 8-12 years of experience in cybersecurity, information security, or compliance roles.

- Proven knowledge of data privacy laws and enterprise-grade security standards.

- Strong understanding of infrastructure security, access management, and audit systems.

- Excellent communication skills to influence cross-functional teams and leadership.

- Ability to lead with authority while balancing business and regulatory needs.

Preferred Certifications :

CISSP, CISM, ISO 27001 Lead Implementer/Auditor, or equivalent.