Job Title

Senior Executive – IT Security GRC and NetworkExperience: 2–3 YearsLocation: PuneReport to: Head - IT Infrastructure and AdministrationRole SummaryWe are seeking a multi-skilled IT & Information Security professional with hands-on experience in Security governance GRC, IT support, and network operations. The role bridges day-to-day IT security management, risk, compliance, and audit readiness, supporting a future Security Manager / CISO track.Key ResponsibilitiesSecurity Governance, Risk & Architecture (CISSP / CISM Aligned)- Support implementation of information security governance frameworks, policies, and procedures - Conduct risk assessments, vulnerability analysis, and impact assessments across office - Track security risks, controls, and remediation actions using risk registers and dashboards - Provide security metrics and reports to management and leadership teamsSecurity Management & GRC (CISM Aligned)- Support ISMS implementation and maintenance (ISO 27001, SOC 2, internal controls) - Coordinate with internal teams to ensure policy adherence and control effectiveness - Participate in incident response, root-cause analysis, and corrective actionsAudit, Compliance & Assurance (CISA Aligned)- Support internal and external IT/security audits - Collect audit evidence, track observations, and support remediation plans - Maintain compliance documentation, SOPs, and audit reportsIT Support & Infrastructure Operations- Provide L2/L3 IT support for end-user systems (Windows/macOS), enterprise applications, and collaboration tools - Manage user lifecycle activities: onboarding, offboarding, access control, and privilege management - Troubleshoot system, hardware, and software issues with focus on availability, performance, and security - Ensure IT operations follow security policies and compliance requirementsNetwork & Systems Administration- Monitor and manage internet service. - Support network security controls - Ensure network uptime, performance, and secure configurationCertifications (Preferred)- CISSP (ISC²) – Governance, risk, and security architecture - CISM – Security management & governance - CISA – IT audit, compliance & risk - CompTIA A+ / Network+ / Security+ (Foundational advantage)