Compliance Lead (GRC)

BETSOL is looking for a Compliance Lead for our Governance, Risk, and Compliance (GRC) team. The Compliance Lead drives the design, implementation, and ongoing maturity of the organization s compliance framework across IT and business functions. This role ensures adherence to regulatory, contractual, and industry-standard requirements, coordinates internal and external audits, and maintains a strong control environment that supports customer and regulatory expectations.

Key Responsibilities

• Own the compliance program covering security, privacy, and IT controls aligned to frameworks such as ISO 27001, ISO 9001, PCI DSS, HIPAA, SOC 2 Type II, and GDPR

• Maintain compliance policies, standards, and procedures; oversee version control, approvals, and organization-wide adoption.
• Conduct periodic control testing and evidence collection, track remediation plans, and validate closure.
• Coordinate external audits and certification assessments, including readiness reviews, audit scheduling, and artifact preparation.
• Lead internal compliance assessments and governance reviews for high-risk functions and core platforms.
• Manage compliance exceptions, deviations, and risk acceptance processes with clear documentation and approvals.
• Support vendor and third-party risk assessments to ensure regulatory and contractual compliance.
• Partner with Security, IT, Engineering, HR, and Legal to implement controls, resolve gaps, and design long-term improvements.
• Deliver compliance training and awareness programs.
• Maintain dashboards, KPIs, and audit-ready documentation for leadership and auditors.

Qualifications

• Bachelor s degree in computer science or equivalent, Information Security, or related field (master s preferred)

• 6+ years of experience in IT compliance, security governance, GRC, or audit.
• Hands-on exposure to ISO 27001, SOC 2, or similar assurance frameworks.
• Strong understanding of policies, access governance, incident management, vulnerability management, change control, and vendor security.
• Experience preparing audit evidence and working with external assessors.
• Excellent documentation, stakeholder management, and communication skills.

• Certifications - Good to have :

  CISSP/ CISA /CISM /CRISC

  ,

  ISO/IEC 27001: 2022, ISO 9001:2015 Lead Auditor/Implementer, CGRC, PCI QSA, SOC 2 Practitioner, CCSP