Job
Description
Governance Risk Compliance Assistant Manager / Manager: Maintain and update the Risk Universe and Risk Register by consolidating risks identified in risk assessments, audit findings, MAS (Minimum Assurance Standards), and gap assessments. Collect, validate, and maintain evidence from relevant teams regarding risk closure. Update and track self-identified audit issues and assessment findings in the Management Awareness Risk Summary tracker on periodic basis. Monitor and review the Exception Tracker to ensure timely renewal and remediation of policy deviations or exceptions. Assist in preparations for ISO 27001:2022 certification and external assessments for in-scope branches, offices, and data canters. Ensure adherence to relevant laws, regulations, and industry standards (e.g., GDPR, NIST, SOX) and oversee compliance efforts. Support internal and external compliance audits by providing documentation and insights. Contribute to the design, implementation, and monitoring of internal controls to safeguard organizational operations and information systems. Assist in drafting, updating, and maintaining governance policies, risk management frameworks, and compliance procedures. Prepare and present periodic reports to senior management on the organizations risk posture, compliance status, and internal control effectiveness. Assist in investigating compliance breaches, risk incidents, or data breaches and support remediation efforts. Proactively recommend enhancements to GRC processes based on industry trends, regulatory updates, and internal assessments Conduct periodic user access review, ensuring compliance with security policies, revoking inactive/ dormant accounts & validating privilege access Perform user reconciliation with HR records, track exceptions & collaborate with IT, HR & business units to optimize access governance Education: Bachelors degree in information security, Cyber Security, Computer Science, IT, Engineering or a related field Experience: Minimum 3-5 years of experience in risk management, governance, compliance, or internal audit roles, preferably within industries like finance, healthcare, or technology. Experience with compliance frameworks such as SOX, ISO 27001 etc.
