Associate Director, Governance Risk and Compliance

This role offers exceptional learning opportunities and engagement with senior management across the company. You will collaborate with key stakeholders on meaningful projects, fostering daily professional growth. Your primary responsibilities will include leading the GRC team, developing audit coverage for new and emerging technologies, and leveraging cutting-edge digital capabilities, including AI and data analytics, to enhance GRC activities.

Primary Duties and Responsibilities:

• Lead the GRC team, providing comprehensive risk-based coverage for cloud infrastructure, applications, AI/ML models, and data platforms.
• Work with engineering team to design and implement real-time risk scoring engines using behavioral analytics and anomaly detection.
• Own Management Action Plans (MAPs) from creation to closure, driving accountability through automated workflows.
• Transition from periodic reporting to continuous assurance with live dashboards and predictive risk signals.
• Work with Engineering team to Architect and operationalise automated evidence collection for 150+ controls using tools like ServiceNow GRC, Drata, or OneTrust.
• Build self-healing remediation playbooks to enhance operational efficiency.
• Recruit, mentor, and lead a GRC team blending policy, automation, and data skills.
• Launch a self-service policy portal to enhance user experience and engagement.
• Lead internal security assurance reviews and manage the third-party risk lifecycle.
• Maintain living mappings of internal standards to SOC 2, ISO 27001, and NIST AI RMF.

Requirements:

• Bachelors degree in information technology, Computer Science, or a related field; Masters degree or relevant certifications (CISA, CRISC, CISSP, or equivalent) preferred.
• Minimum of 12 years of experience in GRC, risk management, or security assurance, with at least 5 years in a leadership role.
• Strong knowledge of cloud security (AWS/GCP/Azure) and AI/ML risk frameworks.
• Proven ability to lead audits and manage multiple projects simultaneously in a fast-paced environment.
• Experience with automation tools for GRC workflows (ServiceNow, Drata, OneTrust, or equivalent).
• Outstanding verbal and written communication skills, capable of presenting findings and recommendations to senior management and stakeholders.
• Strong leadership and team management skills, with experience in mentoring and developing audit team members.
• Strong Data Security Governance experience