Job Description

We are looking for an experienced GRC Manager with a strong background in conducting audits for Banks, Data Centres, and Insurance Companies. The ideal candidate should be CISA or CISSP certified and have excellent team management and customer handling skills. This role requires expertise in IT governance, compliance frameworks, risk management, and security audits. Key Responsibilities: Audit Compliance: Lead and manage IT security and compliance audits for Banking, Data Centre, and Insurance industries. Ensure adherence to regulatory requirements such as RBI, IRDAI, ISO 27001, PCI DSS, GDPR, DPDP Act, SEBI CSCRF and NIST frameworks. Conduct risk assessments, identify gaps, and recommend security improvements. Work closely with external auditors and regulatory bodies. Prepare audit reports, track remediation, and follow up on compliance actions. Governance Risk Management: Develop and maintain GRC policies, procedures, and controls to strengthen security posture. Conduct periodic risk assessments to identify vulnerabilities and develop mitigation plans. Ensure compliance with industry best practices and legal requirements. Drive third-party risk assessments and vendor security evaluations. Team Management Leadership: Lead, mentor, and manage a team of 12 GRC professionals , providing guidance and support. Allocate resources effectively to meet audit and compliance project deadlines. Encourage professional development and upskilling within the team. Customer Engagement Stakeholder Management: Collaborate with CIOs, CISOs, Chief Risk Officers, and Compliance Teams of customer organisations. Provide expert consultation on IT security, risk, and compliance matters. Ensure seamless communication and issue resolution with customers. Travel Engagements: Willingness to travel across India and internationally for client audits and assessments. Conduct on-site assessments and ensure compliance with global security standards. Requirements: Education: Bachelor s or Master s degree in IT, Computer Science, Cybersecurity, or a related field. Certifications (Mandatory): CISA or CISSP (Additional certifications like ISO 27001 LA, CRISC, CISM are a plus). Experience: 8+ years in IT Security, Audit, GRC, or Compliance roles. Industry Exposure: Banks, Data Centres, and Insurance companies. Technical Knowledge: IT Governance, Risk Management, and Compliance Frameworks (ISO 27001, NIST, PCI DSS, RBI IT Guidelines, DPDP Act). Cloud Security, Data Protection, Business Continuity, and Third-party Risk Management. Familiarity with SIEM, DLP, Vulnerability Management, and Endpoint Security solutions. Soft Skills: Strong leadership and team management skills. Excellent communication and customer handling abilities. Ability to work in a fast-paced, multi-client environment. Why Join Us Challenging rewarding role in a growing cybersecurity and GRC firm. Opportunity to lead and make an impact on large-scale compliance programs. International exposure through audit engagements across different countries.