The GRC team is responsible for managing the organization's overall governance, enterprise risk management, and compliance with regulations. The objective of the GRC team is to enable a structured approach to align IT with business objectives, while effectively managing risk and meeting compliance requirements.
Working as part of the GRC team, s/he will be responsible for executing critical projects, handling day-to-day compliance and operations, and enabling governance mechanisms. S/he needs to drive various internal audits, serve as the representative in external audits, understand existing compliance requirements, stay ahead of compliance trends, and manage operational compliance and business-as-usual activities.
• Prepare, maintain and improve ISMS policies, procedures, and standard operating procedures.
• Manage certifications and audits: ISO audit, SOC1 & SOC2 audit, PCI certifications, internal and external audits, etc.
• Understand the business processes, working with IT/business SPOCs to comply with various SOX/IT regulations.
• Play the role of “enabler” for fixing gaps in current processes and implementing processes on the go for problem statements, using a risk-based approach.
• Execute the business-as-usual activities of GRC with the help of the team and be responsible for driving the metrics and SLA.
• Collaborate with teams for compliance requirements relating to the various standards like ISO 27001, SOX, and SOC audit.
• Understand and document assessments made on new and existing processes on account of new projects implemented by the GRC team.
• Support other due diligence activities initiated and perform periodic gap assessments to validate compliance on an ongoing basis.
At least 4 years of relevant working experience in the GRC domain
Working knowledge of compliance frameworks (ISO, PCI, SOC, SOX)
Understanding of data privacy and security requirements and their implications
Adequate exposure in handling GRC systems, SOX and IT controls
Adequate exposure in articulating identified issues to the business for remediation, mitigation, and sign-off
Good articulation skills
Industry certifications will be an added advantage (CISA, CIA)
Effective organizational and project management skills
Problem solver and change maker
Apply with your résumé to get the conversation started.