Senior Cybersecurity Governance, Risk and Compliance

3 days ago


Mumbai, India Ares Management Corporation Full time

Description

Summary:

We are seeking a motivated and experienced Cybersecurity Governance, Risk, and Compliance (GRC) professional to join our global Cybersecurity team. This Associate Vice President (AVP) will support the execution and continuous improvement of our Technology Risk Management and IT Third-Party Risk Management programs. The ideal candidate will bring a strong understanding of cybersecurity risk principles, vendor risk practices, and GRC frameworks, and will work closely with internal stakeholders and external partners (including a PwC loan staff resource) to ensure effective risk identification, assessment, and mitigation.
You will be part of a talented and collaborative team of Cybersecurity professionals who demonstrate strong technical and strategic capabilities. This is an opportunity to contribute to high-impact Cybersecurity and Technology Risk Management efforts by helping identify gaps in our risk posture and supporting the implementation of effective controls. If you are looking to be part of a dynamic team that continuously challenges itself, is committed to learning and improving, and is passionate about cybersecurity, then this could be the right opportunity for you.

Primary functions & responsibilities-

  • Support the execution of the Technology and Cyber Risk Management Program, including risk assessments, issue tracking, and remediation follow-up.
  • Assist in the review and analysis of IT vendor assurance artifacts (e.g., SOC reports, penetration test results) and maintain an up-to-date vendor inventory.
  • Coordinate with third-party vendors and internal stakeholder groups (e.g., Legal, Procurement, Compliance, IT) to review and assess the cybersecurity risk posture of third parties.
  • Facilitate cross-functional collaboration to ensure timely completion of vendor assessments and risk mitigation activities.
  • Contribute to the maturity of the IT Third-Party Risk Management program by identifying process improvement opportunities and supporting the development of internal playbooks and procedures.
  • Maintain and update GRC documentation, including risk registers, dashboards, and executive summaries.
  • Document work products in GRC systems (e.g., Hyperproof) and collaboration tools (e.g., Jira, Confluence).
  • Support IT Risk & Audit activities, including the Quarterly Access Review (QAR), by working cross-functionally with IT Risk, Audit Support, and Internal Audit teams to ensure successful execution of the control across IT and business units.
  • Participate in governance meetings and provide regular updates on assigned workstreams and deliverables.
  • Communicate effectively with diverse audiences, including the ability to explain complex risk topics clearly and contribute to improving team communication practices.
  • Take initiative in identifying risks, proposing practical solutions, and following through on tasks with appropriate guidance.
  • Remain adaptable in a dynamic environment, working collaboratively across teams to simplify challenges and support program goals.
  • Build strong working relationships with internal and external stakeholders, supporting alignment and trust across business units.


Qualifications-

Education:

Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field.

Experience Required:

8–12 years of experience in Cybersecurity, IT Risk Management, GRC, or related fields, preferably in the financial services or technology sector.


General Requirements:

  • Strong knowledge and practical experience in IT Third-Party Risk Management, including vendor risk assessment methodologies, assurance artifact evaluation, and cross-functional coordination.
  • Familiarity with cybersecurity frameworks and standards such as NIST CSF, ISO 27001, AICPA Trust Services Criteria, and GDPR.
  • Experience with risk management methodologies (e.g., ISO 31000, COSO ERM).
  • Proficiency in GRC platforms (e.g., Hyperproof) and collaboration tools (e.g., Jira, Confluence).
  • Proficiency in Microsoft Office tools (Word, Excel, PowerPoint, Outlook) for reporting, analysis, and communication.
  • Strong analytical, technical writing, and documentation skills.
  • Ability to work independently and collaboratively in a hybrid work environment.
  • Excellent interpersonal skills, with a demonstrated ability to influence, mentor, and collaborate across team

Reporting Relationships

There is no set deadline to apply for this job opportunity. Applications will be accepted on an ongoing basis until the search is no longer active.


