Sr Lead - IT Governance, Risk and Compliance

Job Description

POSITION SUMMARY: The IT GRC Lead is responsible for establishing and maintaining IT governance frameworks, managing risk and compliance activities, and ensuring alignment with business objectives and regulatory requirements. This role supports audit readiness, drives process improvements, and collaborates across departments to promote a strong GRC culture. It also involves administering GRC tools like RSA Archer and MetricStream and providing training to ensure organizational adherence to best practices. KEY RESPONSIBILITIES:Establish and enforce IT governance frameworks, policies, and procedures that are aligned with industry best practices.Ensure IT governance strategies are in line with the broader business objectives and IT strategy to support organizational growth and operational efficiency.Regularly review and update IT policies and standards to ensure alignment with organizational goals and regulatory requirements.Lead efforts to continuously improve IT governance processes and enhance efficiency across the organization.Conduct comprehensive risk assessments and collaborate with relevant teams to implement effective risk mitigation strategies.Assist in the preparation for and response to internal and external audits, ensuring compliance with relevant standards and regulations.Perform regular audits to assess compliance with internal policies, industry standards, and external regulations.Prepare detailed reports on governance, risk management, compliance status, and audit outcomes for senior management and stakeholders.Maintain comprehensive documentation of IT governance processes, risk assessments, and compliance activities for future reference and audits.Collaborate with IT, legal, InfoSec and other business units to foster a robust culture of governance, risk management, and compliance across the organization.Offer training and guidance to staff on GRC policies, processes, and tools to ensure awareness and adherence to best practices.Administer and optimize GRC tools (RSA Archer, MetricStream) to streamline risk management and compliance activities, improving efficiency and accuracy. DESIRED CANDIDATE PROFILE:10 to 14 years of Experience (Min 6 years in IT Governance)Strong knowledge of IT governance, risk management, and regulatory compliance (BFSI focus)Experience with IT frameworks (COBIT, ITIL, ISO 27001/27002)Skilled in risk assessments, audits, and mitigation strategiesProject management and stakeholder engagement experienceExcellent communication, documentation, and presentation skillsFamiliar with GRC tools and regulatory codes in governance