Lead - GRC

Job Description

Position Summary: GRC Lead will be responsible for overseeing and managing the QA team to ensure the highest standards of quality are met across all products and services. This role involves developing and implementing QA strategies, leading team projects, and collaborating with other departments to drive continuous improvement in quality processes. Additionally, the GRC Lead will manage GRC (Governance, Risk, and Compliance) requirements and maintain compliance with regulatory standards. Key Responsibilities: Operate within the GRC environment of a large client-facing service organization. Plan and conduct professional ISO 27001/GDPR and SOC2 Type II management system audits in accordance with Greytip's procedures. Prepare annual internal audit plans and conduct internal audits in accordance with established procedures. Act as custodian of documents, ensuring the upkeep of all GRC documents and annual reviews. Maintain regional and other country compliance requirements and regulatory reporting consistency. Engage with government regulatory bodies pertaining to data privacy and compliance, maintaining regular reporting. Develop, implement, and maintain QA strategies, policies, and procedures. Coordinate with cross-functional teams, including development, product management, and operations, to ensure quality standards are met. Conduct regular reviews and audits of QA processes to identify areas for improvement. Analyze and report on key QA metrics to senior management. Ensure compliance with industry standards and regulations. Handle escalations and troubleshoot issues related to quality assurance. Skillset Requirements: Good exposure to coordination and review of evidence per ISMS/GDPR and SOC2 standards. Well-versed in preparing and presenting management dashboards on the status of compliance monthly, quarterly, and annually. Preferred to have ISO 27001 Lead Auditor certification and working knowledge of GDPR/SOC2 and NIST frameworks. Familiarity with certifying bodies and personal affiliations with such bodies is an added advantage. Experience handling a team of 1 or 2 process analysts and vendor coordination capabilities. Strong understanding and working experience in a GRC environment. Experience in presenting to senior management and staff on GRC training and status. Show more Show less