GRC Executive

Location: Bhandup, Mumbai Experience: 1-8 years Industry: Cybersecurity, IT Security, IT Audit Employment Type: Full-time Role Overview: We are seeking Governance, Risk, and Compliance (GRC) professionals to join our team as GRC Executive / GRC Manager. The role involves risk assessment, regulatory compliance, and security audits to strengthen organizational security posture. The ideal candidate will have hands-on experience with ISO 27001, SOC 2, NIST, and other regulatory frameworks and strong analytical and communication skills to drive compliance initiatives. Key Responsibilities - Conduct risk assessments, internal audits, and gap analysis based on ISO 27001, SOC 2, GDPR, and NIST - Assist in compliance audits, policy documentation, and regulatory reporting. - Identify security risks, vulnerabilities, and control gaps, providing risk mitigation strategies. - Plan and execute internal/external audits, and develop compliance roadmaps - Support third-party/vendor security assessments and ensure adherence to security standards - Draft and maintain Information Security Policies, Data Privacy Policies, and Risk Management Frameworks - Assist in designing Business Continuity Plans (BCP) and Disaster Recovery (DR) strategies - Prepare and submit compliance reports, audit findings, and risk assessments - Assist in regulatory filings for ISO 27001, GDPR, and other security frameworks - Collaborate with internal teams, clients, and regulators for compliance updates Required Skills & Qualifications: - 1-8 years of experience in GRC, cybersecurity, IT risk management, or compliance - Experience in implementing and leading GRC projects and audits - Certification in ISO 27001 Lead Auditor / Internal Auditor, CISA (mandatory) - Strong knowledge of ISO 27001, GDPR, SOC 2, NIST, ITGC, and Data Privacy Laws - Experience in IT audits, internal audits, risk assessments, and compliance reporting - Proficiency in risk assessment tools, security frameworks, and compliance checklists - Excellent analytical, problem-solving, and communication skills - Ability to work independently and collaborate with cross-functional teams - Strong client handling, regulatory engagement, and stakeholder management skills - Experience in implementing Governance, Risk & Compliance frameworks