Director

Job Description

Job Description: Value Proposition Drives enterprise-wide cyber risk governance while aligning controls with strategic business priorities. Enables secure banking growth through proactive risk mitigation and cross functional stakeholder alignment. Job Details Position Title: Director - Cyber Governance, Risk & Controls (GRC) and Business Enablement (BE) Career Level: L4 Job Category: Director Role Type: Hybrid Job Location: Bangalore About the Team: The Cyber GRC team in India is a high-impact function embedded within the bank s global security strategy. We partner closely with business, legal, compliance, and technology teams to embed cyber risk thinking across the enterprise. The team ensures robust governance, standardized documentation, and measurable control effectiveness. Our goal is to enable secure business growth through a proactive and scalable approach to risk management. Impact (Job Summary/Why this Role Matters) We are seeking a dynamic and experienced Director of Cyber Governance, Risk & Controls (GRC) and Business Enablement (BE) to lead our India-based team and serve as a strategic partner to our US counterparts. This role will be instrumental in shaping, executing, and maturing our cyber risk programs while ensuring operational excellence and alignment to enterprise objectives. The ideal candidate is a strategic thought leader with strong execution capabilities, a deep understanding of governance and documentation standards, and a proven ability to lead high-performing teams. Key Deliverables (Duties and Responsibilities) Governance, Risk & Controls (GRC): Lead the revamp and uplift of the cyber Third Party Risk Management (TPRM) program, ensuring alignment with regulatory expectations and enterprise risk appetite. Design, build, and pilot a targeted cyber risk assessment program to proactively identify, measure, and address emerging risks. Elevate the quality, clarity, and consistency of policy, standard, and procedure documentation in alignment with corporate governance frameworks. Drive corporate and industry regulatory mapping to ensure full traceability and compliance across frameworks (e.g., NIST, ISO, FFIEC, RBI). Deliver impactful metrics, dashboards, and risk reporting, tailored to senior executive and board-level stakeholders. Business Enablement (BE): Partner with US-based portfolio and business enablement teams to support key operational activities in a follow-the-sun model. Lead the planning and delivery of processes and requirements that enable the broader enterprise risk-based cybersecurity strategy. Provide leadership and oversight for key enablement pillars including financial management, vendor engagement, workforce planning, executive reporting, and automation Strategic mindset with the ability to see the big picture while delivering tactical outcomes. Deep knowledge of cybersecurity risk, controls, policy, and documentation standards within a highly regulated environment. Experience leading cross-functional and cross-regional teams, with demonstrated success in influencing and executing across global stakeholders. Expertise in building forward-looking, resilient, and scalable programs grounded in market awareness and business alignment. Strong leadership presence with a passion for developing talent, building inclusive teams, and driving organizational growth Skills and Qualification (Functional and Technical Skills) Bachelor s degree in Information Security, Risk Management, Business Administration, or related field; Master s degree preferred. Minimum 10 years of experience in cybersecurity, governance, risk, or compliance and project/program management with at least 5 years of direct people leadership. Experience in the financial services sector strongly preferred. Familiarity with key regulatory frameworks and standards including NIST, ISO 27001, RBI, FFIEC, and others. Proven ability to analyze, report, and communicate complex risks and data to senior leadership and executive stakeholders. Leadership Qualities (For People Leaders) Operate with integrity, discretion, and a strong ethical compass. Lead investigations independently while coaching junior staff when needed. Serve as a trusted advisor to business units on risk, ethics, and resilience. Navigate ambiguity with composure and bring structure to complex situations. Relationships & Collaboration Partner with legal, HR, cybersecurity, compliance, and facilities security teams. Represent the investigative function in cross-enterprise incident reviews and audits. Engage with law enforcement and regulatory bodies when required.