GRC Specialist (Governance, Risk & Compliance)

Hiring expert GRC Specialist to be part of a young and leading Enterprise SaaS Product Company that's redefining the Loyalty domain!

At Loyalty Juggernaut, we're on a mission to revolutionize customer loyalty through AI-driven SaaS solutions. We are THE JUGGERNAUTS, driving innovation and impact in the loyalty ecosystem with GRAVTY, our SaaS Product that empowers multinational enterprises to build deeper customer connections. Designed for scalability and personalization, GRAVTY delivers cutting-edge loyalty solutions that transform customer engagement across diverse industries including Airlines, Airport, Retail, Hospitality, Banking, F&B, Telecom, Insurance and Ecosystem.

Visit www.lji.io to know more about us.

About the Role:

The Governance, Risk & Compliance (GRC) Specialist role will support the organization's compliance, risk management, and information security programs. This role involves assisting in maintaining LJI's compliance posture across various frameworks, including ISO 27001:2022, ISO 27018, ISO 22301, SOC 1, SOC 2, GDPR, and the Data Privacy Framework (DPF). The candidate will coordinate internal audits, perform risk assessments, monitor compliance activities, and ensure all security policies and procedures are reviewed as per schedule.

Key Responsibilities:

Compliance & Governance

• Assist in maintaining compliance with ISO 27001, ISO 27018, ISO 22301, SOC 1, SOC 2, GDPR, and DPF.
• Support periodic reviews and updates of policies, procedures, and records as per the compliance calendar.
• Coordinate with different departments for evidence collection and control validation for ongoing audits.
• Support the preparation and documentation required for internal and external audits.
• Track and follow up on corrective actions and observations raised during audits.

Risk Management

• Participate in periodic risk assessments, identifying, assessing, and documenting information security and operational risks.
• Maintain and update the risk register with input from stakeholders.
• Assist in tracking risk mitigation plans and validating closure evidence.

Internal Audits

• Support the planning and execution of internal audits across business functions.
• Document audit findings, maintain audit records, and assist in preparing audit summary reports.
• Follow up with control owners on remediation activities.

Information Security & Data Privacy

• Support Information Security and Privacy compliance initiatives in alignment with LJI's ISMS
• Assist with privacy compliance tasks related to GDPR and DPF, including consent tracking and retention checks.
• Participate in awareness and training initiatives related to security and compliance.

Documentation & Reporting

• Maintain and track the compliance calendar for policy reviews, risk assessments, and audits.
• Prepare monthly or quarterly compliance status reports.
• Support creation and version control of compliance-related documents.

Qualifications:

• Bachelor's degree in Information Security/Computer Science/or related discipline.
• 13 years of relevant experience in Information Security, Compliance, or Risk Management.
• Basic understanding of ISO 27001, SOC 2, GDPR, and related frameworks.
• Good knowledge of information security concepts and documentation practices.
• Strong written and verbal communication skills.
• Exposure to audit, policy management, or risk management tools preferred.

Preferred Certifications (Optional):

• ISO 27001 Lead Auditor / Internal Auditor
• Certified Information Systems Auditor (CISA)
• GDPR Practitioner or equivalent

Key Attributes:

• Exceptional communication, documentation, and coordination skills.
• Strong process-oriented mindset with a focus on continuous improvement.
• High attention to detail and accuracy in execution.
• Proven ability to collaborate effectively across technical, functional, and business teams.
• Passion for learning and growing within the compliance and information security domain.