Lead - GRC Risk Management
2 weeks ago
Job Description

Position Overview

We are seeking an experienced Security GRC (Governance, Risk & Compliance) Lead to own and drive our Risk Management Program. This role will be responsible for defining, implementing, and maturing enterprise-wide information security risk management practices, aligning them with business strategy, regulatory requirements, and industry frameworks.

Key Responsibilities

Risk Management Leadership
- Lead the design, implementation, and continuous improvement of the Information Security Risk Management framework.
- Conduct regular risk assessments, control evaluations, and threat modeling across systems, vendors, and business processes.
- Maintain and continuously enhance the Risk Register, ensuring timely reporting and mitigation tracking.
- Partner with business and technical stakeholders to drive risk treatment plans and ensure accountability for risk reduction.

Governance & Frameworks
- Develop, refine, and maintain security policies, standards, and procedures aligned with frameworks such as ISO 27001, NIST CSF, SOC 2, and CIS Controls.
- Facilitate risk governance committees and ensure effective communication of risk posture to senior management and the Board.
- Support strategic initiatives related to compliance, audit readiness, and third-party risk management.

Metrics & Reporting
- Define and deliver Key Risk Indicators (KRIs) and Key Performance Indicators (KPIs) to measure the maturity and effectiveness of security controls.
- Prepare and present risk reports, dashboards, and heatmaps to executive leadership and audit committees.

Collaboration & Influence
- Partner with business stakeholders to ensure alignment with regulatory requirements (e.g., GDPR, HIPAA, SOX, PCI-DSS).
- Serve as a trusted advisor to technology and business teams, helping them make risk-informed decisions.
- Champion a risk-aware culture through education, communication, and continuous engagement.

Qualifications

Required:
- Bachelor's degree in Information Security, Computer Science, Risk Management, or related field.
- 7+ years of experience in Information Security, GRC, or Risk Management, with at least 3 years in a lead or senior role.
- Strong understanding of information security principles, risk assessment methodologies, and governance frameworks (ISO 27001, NIST, COSO, etc.).
- Experience with risk management tools (e.g., Archer, ServiceNow GRC, OneTrust, or similar).
- Exceptional communication skills, able to translate complex risk topics into actionable insights for executives and business partners.

Preferred:
- Professional certifications such as CISSP, CISM, CRISC, ISO 27001 Lead Implementer, or CGEIT.
- Experience in cloud risk management (AWS, Azure, GCP).
- Background in regulatory compliance and third-party risk.
-
IT Security Governance, Risk, and Compliance
2 weeks ago
Gurugram, Gurugram, India Crocs Vietnam Full time
Requisition ID: 9911 Job Location(s): Gurugram, HR, IN, 122022 Time in Office: Hybrid Overview: Reporting into Information Security, the Governance, Risk, and Compliance (GRC) Engineer plays an instrumental role in guiding GRC strategies and processes. As the primary GRC authority in India and supporting the global GRC team, this engineer...
-
SAP GRC with Risk Management
3 weeks ago
Hyderabad, India People Prime Worldwide Full time
Seeking an experienced SAP GRC Consultant to support, manage, and enhance our SAP Governance, Risk and Compliance (GRC) environment. The ideal candidate will have hands-on experience in implementing and supporting SAP GRC modules, with a primary focus on Access Control (AC), Process Control (PC), and Risk Management (RM). The consultant will be responsible...
-
Director - Privacy and GRC
2 weeks ago
Gurugram, Gurugram, India Tsaaro Consulting Full time
Join Tsaaro as a Director, Privacy & GRC. Lead with Vision. Drive Transformation. Shape Global Privacy & Governance. Are you a seasoned privacy, security, and governance professional looking to take the next major step in your leadership journey? At Tsaaro, we don't just deliver compliance; we redefine how organizations implement privacy,...
-
GRC Manager(Governance,Risk
3 weeks ago
Bengaluru, India Exotel Full time
About Us: Exotel is the emerging markets leading full-stack customer engagement platform and business-focused virtual telecom operator. Incorporated in 2011, Exotel's cloud-based product suite powers 50 million daily engagements across voice, video and messaging channels. Exotel powers unified customer engagement to over 6000 companies in 60+...
-
GRC Lead
7 days ago
India (Remote) Swimlane Full time
We are seeking a mid- to senior-level Governance, Risk & Compliance (GRC) professional to own and evolve our security compliance program. This role is responsible for managing our security-related RFP and questionnaire processes and leading the preparation and execution of all audits tied to our compliance certifications (including SOC 2 Type II,...
-
IT Grc Sme
1 day ago
India CosMic IT Full time
Hello Everyone, We at #CosMicIT are looking for a #IT GRC SME. Locations: PAN India. Job Description: Responsibilities: 1. GRC Program Management: - Develop, implement, and manage the overall IT GRC program. - Define and enhance policies, procedures, and...
-
Director - Privacy and GRC
2 weeks ago
Gurugram, India Tsaaro Full time
Join Tsaaro as a Director – Privacy & GRC Lead with Vision. Drive Transformation. Shape Global Privacy & Governance. Are you a seasoned privacy, security, and governance professional looking to take the next major step in your leadership journey? At Tsaaro, we don’t just deliver compliance — we redefine how organizations implement privacy, information...
-
GRC Consultant
2 weeks ago
Gurugram, India Cubical Operations LLP Full time
Job Title: GRC Consultant / Senior Consultant
Location: Gurgaon
Experience: Minimum 2 years
Shift: Regular business hours (as per company policy)
Role Overview: We are seeking a GRC Consultant / Senior Consultant with strong experience in ISMS, ISO 27001, and Third-Party Risk Management (TPRM). The ideal candidate will support governance, risk, and compliance...
-
Information Security – Risk Manager – GRC
1 week ago
India SMC Group Full time
Started in the year 1990, SMC is a well-diversified financial service company in India & Abroad, offering one stop investment solutions in trading & investments. SMC believes in growing with its clients and creating valuable relationships. It's about having the passion to go that extra mile and it's about making the clients and partners a part of the...