GRC Executive / GRC Manager

Location : Bhandup, Mumbai

Experience : 1-8 years

Industry : Cybersecurity, IT Security, IT Audit

Employment Type : Full-time

Role Overview :

We are seeking Governance, Risk, and Compliance (GRC) professionals to join our team as GRC Executive / GRC Manager. The role involves risk assessment, regulatory compliance, and security audits to strengthen organizational security posture.

The ideal candidate will have hands-on experience with ISO 27001, SOC 2, NIST, and other regulatory frameworks and strong analytical and communication skills to drive compliance initiatives.

Key Responsibilities

Conduct risk assessments, internal audits, and gap analysis based on ISO 27001, SOC 2, GDPR, and NIST

Assist in compliance audits, policy documentation, and regulatory reporting.

Identify security risks, vulnerabilities, and control gaps, providing risk mitigation strategies.

Plan and execute internal / external audits, and develop compliance roadmaps

Support third-party / vendor security assessments and ensure adherence to security standards

Draft and maintain Information Security Policies, Data Privacy Policies, and Risk Management Frameworks

Assist in designing Business Continuity Plans (BCP) and Disaster Recovery (DR) strategies

Prepare and submit compliance reports, audit findings, and risk assessments

Assist in regulatory filings for ISO 27001, GDPR, and other security frameworks

Collaborate with internal teams, clients, and regulators for compliance updates

Required Skills & Qualifications :

1-8 years of experience in GRC, cybersecurity, IT risk management, or compliance

Experience in implementing and leading GRC projects and audits

Certification in ISO 27001 Lead Auditor / Internal Auditor, CISA (mandatory)

Strong knowledge of ISO 27001, GDPR, SOC 2, NIST, ITGC, and Data Privacy Laws

Experience in IT audits, internal audits, risk assessments, and compliance reporting

Proficiency in risk assessment tools, security frameworks, and compliance checklists

Excellent analytical, problem-solving, and communication skills

Ability to work independently and collaborate with cross-functional teams

Strong client handling, regulatory engagement, and stakeholder management skills

Experience in implementing Governance, Risk & Compliance frameworks