Director- GRC Cybersecurity
4 days ago
Job Description Key duties & responsibilities Cybersecurity Risk Governance - Lead the third-party cybersecurity risk management program with a focus on PHI/PII protection, HIPAA compliance, and critical vendor oversight. - Drive assessments aligned with NIST CSF and ISO framework to evaluate and mature cybersecurity program - Establish and maintain exception management, approval management and periodic monitoring - Collaborate with global cybersecurity and IT teams for implementing automation through GRC tools. - Oversee onboarding and offboarding processes to ensure alignment with security policies, BAAs (Business Associate Agreements), and regulatory requirements. - Monitor and govern third-party relationships, conducting periodic risk assessments and ensuring timely remediation of findings. Security awareness and culture - Design and oversee India and Philippines cybersecurity awareness and training program for employees, contractors and vendors - Develop and communicate governance dashboards and awareness campaigns to foster a culture of shared cybersecurity responsibility - Evaluate effectiveness of training program and tailor it based on organizational requirements Audit & Compliance Leadership: - Serve as key POC for client, regulatory, and third-party cybersecurity audits. - Ensure readiness and timely response for HIPAA, SOC 2, CERT-IN assessments, and client cybersecurity reviews and audits - Lead audit coordination across departments, track findings, and drive remediation activities to closure. - Represent the organization during client cybersecurity audits and on-site reviews. Governance Frameworks, Metrics & Reporting: - Establish and maintain standard operating procedures for the organization, client onboarding/offboarding, and evidence handling. - Define and report on KPIs and KRIs for cybersecurity governance. - Develop executive dashboards and actionable insights for leadership, audit committees, and compliance teams. Cross-Functional Collaboration & Risk Advisory: - Work closely with Legal, Procurement, Compliance, and Privacy teams to embed cybersecurity controls into contracts, RFPs, and vendor due diligence. - Advise internal business owners on security risks, remediation plans, and vendor-related compliance obligations. Qualification - Bachelors or Masters degree in Technology, Cybersecurity, Risk Management, or a related field. Experience, Skills and Knowledge - 12+ years of cybersecurity or GRC experience, with at least 5 years in a leadership role, ideally in a healthcare organization or health-tech environment. - Good understanding of HIPAA, HITECH, HITRUST, ISO 27001, CERT-IN and regulatory frameworks. - Proven experience managing cybersecurity risk and audit programs at scale. - Excellent communication skills, with ability to interface with clients, vendors, operational, legal, and IT leadership. Key competency profile - Certified Information Security Manager (CISM) - Certified Information Systems Auditor (CISA) - Certified in Risk and Information Systems Control (CRISC) - HITRUST CCSFP or ISO 27001 Lead Implementer
-
GRC Specialist – OT Security Focus_PAN INDIA
4 weeks ago
Gurugram, Delhi, Bengaluru, India ********** Full timeJob Description Description We are seeking a GRC (Governance, Risk & Compliance) Specialist with a focus on Operational Technology (OT) security to join our team in India. The ideal candidate will have extensive experience in developing and implementing GRC frameworks, conducting risk assessments, and ensuring compliance with industry standards and...
-
Gurugram, India Crocs Full timeinto Information Security, the Governance, Risk, and Compliance (GRC) Engineer plays an instrumental role in guiding GRC strategies and processes.As the primary GRC authority in India and supporting the global GRC team, this engineer works directly with other partners such as Legal, Risk, Internal Audit, etc.to ensure the alignment of the company's IT...
-
Gurugram, India Talent Worx Full timeSeeking a dynamic and experienced professional to lead its Cyber Security Practice, with core expertise in vulnerability management, DevSecOps, penetration testing, application and network security. This leader will play a key role in shaping and scaling attack management services, delivering high-impact solutions to clients, and guiding the next generation...
-
Cyber Security Analyst
3 days ago
Gurugram, Gurugram, India DigiTruce.ai Full timeJob Description About DigiTruce DigiTruce is a mission-driven, veteran-led cybersecurity company specializing in Operational Technology (OT), Industrial Control Systems (ICS), AI Security, and Critical Infrastructure Protection. Founded by experts in national defense and cyber policy, we deliver proactive threat simulations, red-teaming, and continuous...
-
Senior Director
6 days ago
gurugram, India Client of Mancer Full timeRole Overview:The Senior Director – Technology Risk will lead the technology and cyber risk management function, ensuring effective governance, risk identification, assessment, mitigation, and reporting. The role involves partnering with global and regional stakeholders to align captive risk practices with the group's enterprise risk management framework,...
-
Senior Director
6 days ago
Gurugram, India Client of Mancer Full timeRole Overview: The Senior Director – Technology Risk will lead the technology and cyber risk management function, ensuring effective governance, risk identification, assessment, mitigation, and reporting. The role involves partnering with global and regional stakeholders to align captive risk practices with the group’s enterprise risk management...
-
Senior Director
6 days ago
Gurugram, India Client of Mancer Full timeRole Overview:The Senior Director – Technology Risk will lead the technology and cyber risk management function, ensuring effective governance, risk identification, assessment, mitigation, and reporting. The role involves partnering with global and regional stakeholders to align captive risk practices with the group’s enterprise risk management...
-
gurugram, India OSTTRA Full timeAbout the Role:Grade Level (for internal use):12The Team:Join our innovative organization as a GRC Leader with 12+ years of progressive experience governance, risk, and compliance. You will architect and lead a proactive, automation-centric GRC program within a high-velocity AI-native environment. This role is not about compliance checkboxes driven by...
-
Recruiting Intern
2 weeks ago
Gurugram, India Fluidech Full timeTitle: Technical Recruiter – Intern (IT/Cybersecurity) Location: Onsite – Gurugram, Haryana, India Duration: Internship & Full-time Company: Fluidech IT Services Private Limited Company Overview: FLUIDECH, an ESCONET group company and a deemed public company, is a technology consulting and managed services firm specialising in cybersecurity. Founded in...
-
Recruiting Intern
3 weeks ago
Gurugram, India Fluidech Full timeTitle: Technical Recruiter – Intern (IT/Cybersecurity) Location: Onsite – Gurugram, Haryana, India Duration: Internship & Full-time Company: Fluidech IT Services Private Limited Company Overview: - FLUIDECH, an ESCONET group company and a deemed public company, is a technology consulting and managed services firm specialising in cybersecurity. - Founded...
