Lead GRC Architect _ Exp : 12+Years

What You’II Do

Deploy and implement next generation GRC solution.

Hands-on experience implementing AuditBoard or equivalent.

Build and management process for risk assessment, issue management, audit management, ITRM, TPRM.

Support and oversee comprehensive technology audits, including assessments of IT General controls across the environment.

Collaborate with external auditors to coordinate and support annual technology audits, ensuring audit requirements and timelines are met.

Identify, assess, and prioritize technology-related risks across the organization, with a focus on cybersecurity, data protection, and operational resilience.

Review and evaluate the design and effectiveness of IT General Controls, recommending improvements as necessary.

Ensure IT processes, systems, and controls align with regulatory requirements (e.g., SOX, GDPR, DORA) and industry standards (e.g., ISO 27001, NIST).

Support compliance teams in responding to internal and external audits and inquiries regarding IT systems and data management practices.

Partner with IT, security, and compliance teams to provide insights on risk mitigation strategies, control enhancements and findings remediation.

Communicate audit findings and recommendations to senior management and key stakeholders, helping to shape a culture of continuous improvement and risk awareness.

Oversee the preparation of audit reports, including executive summaries, findings, and actionable recommendations for improvement.

Monitor industry trends, regulatory changes, and emerging risks to refine and enhance audit methodologies and best practices.

Implement automated audit tools and data analytics to improve audit efficiency, coverage, and accuracy.

Excellent communication and interpersonal skills, with the ability to collaborate effectively across functions and levels.

What We’re Looking For

Bachelor’s degree in information technology, Computer Science, Accounting, or a related field. Master’s degree is preferred.

12+ years of experience in technology, security and risk management

Strong knowledge of IT risk assessment, IT General Controls, NIST framework, and other compliance frameworks.

Expertise in implementing and management of GRC tools. (Must have)

Professional certifications such as Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP) are strongly preferred.