Deputy Manager - It Grc (Governance, Risk, And Compliance)

ENGIE IndiaPune, Republic Of India, IN

7 days ago

Job description

The Deputy Manager - IT GRC (Governance, Risk, and Compliance) role at ENGIE India is crucial in ensuring the organization's Digital & IT landscape is secure, compliant, and aligned with business objectives. This role involves developing, implementing, and managing IT GRC, risk management, and ensuring compliance with regulations and internal controls. This is an individual contributor role based in Pune, India, with occasional onsite travel to support Digital & IT audits.

Main Objectives

The primary objective is to ensure the IT landscape is secure, compliant, and aligned with business goals. This involves :

Implementing comprehensive IT GRC strategies.
Implementing INCOME framework for D&IT function
Implement and Manage - Risk management processes.
Ensuring adherence to regulations and standards.
Maintain Digital &IT internal control requirements
Lead the Digital & IT Internal Control and Compliance

Key Responsibilities

Audit Preparation and Management : Prepare processes, teams, and documents for internal and external audits. Track and remediate audit observations with corrective and preventive actions.

Risk Management : Manage and track all technology-related risks for timely closure. Oversee formal risk analysis and self-assessment programs for various systems and processes.

Compliance : Ensure compliance with privilege access management processes and relevant IT regulations and standards, such as ISO 27001 and NIST CSF.

Documentation and Communication : Maintain strong documentation and communication skills. Ensure clear communication with stakeholders and effective conflict resolution.

Implementing Initiatives : Coordinate with various departments to ensure smooth execution and monitor progress.

Continuous Improvement : Foster a culture of continuous improvement within the IT GRC team.

Stakeholder Engagement : Engage with key stakeholders, including management and department heads, to ensure IT GRC strategies are well-supported and integrated.

Conducting Risk Assessments : Oversee comprehensive risk assessments to identify potential risks.

Developing Mitigation Strategies : Implement controls and safeguards to reduce the likelihood and impact of risks.

Monitoring and Reporting : Establish effective monitoring mechanisms and regularly report on risk status to management.

Collaboration with Departments : Work closely with various departments to ensure effective implementation of risk management strategies.

Adhering to Regulations : Ensure compliance with all relevant IT regulations and standards.

Implementing Best Practices : Promote the adoption of industry best practices within the organization.

Internal and External Audits : Conduct regular internal audits and manage relationships with external auditors and regulatory bodies.

Policy Development : Develop and maintain comprehensive IT GRC policies.

Coordination and Collaboration

Cross-Departmental Collaboration : Collaborate with various departments to ensure effective implementation of GRC initiatives.

Stakeholder Communication : Ensure stakeholders are informed about the progress and impact of GRC activities.

Conflict Resolution : Resolve conflicts that arise during the implementation of GRC initiatives.

Internal Audits : Conduct internal audits to assess the effectiveness of IT GRC controls and processes.

Managing External Audits : Ensure the organization is well-prepared for external audits and address any findings promptly.

Audit Preparation : lead the preparation for audits to ensure a smooth process.

Addressing Audit Findings : Develop and implement action plans to resolve audit findings and prevent recurrence.

Continuous Improvement : Use audit insights to drive continuous improvement in GRC practices.

Regular Reporting : Provide regular reports on IT GRC activities to management and the board.

Clear Communication : Ensure GRC-related information is communicated clearly and consistently.

Training and Awareness : Promote awareness of GRC policies and practices within the organization through training sessions and resources.

Technical Knowledge and Skills

Understanding IT Systems : Strong understanding of IT systems, including Cloud services, IT-OT convergence, hardware, software, networks, and data management practices.

Security Principles : Deep understanding of security principles, including encryption and access control.

Risk Management Frameworks : Familiarity with frameworks such as ISO 31000 and NIST RMF.

Emerging Technologies : Stay updated on emerging technologies and their impact on IT GRC practices.

Technical Certifications : Relevant certifications such as CRISC are valuable.

Compliance Knowledge

Regulatory Requirements : Deep knowledge of relevant regulatory requirements, such as CEA guidelines, Internal Controls (ITGC), IT Act, Indian and global Energy sector compliance, GDPR, HIPAA, and SOX.

Industry Standards : Familiarity with industry standards like ISO 27001 and NIST CSF.

Compliance Assessment : Conduct regular compliance assessments and develop comprehensive compliance policies.

Training and Awareness : Promote awareness of compliance requirements within the organization.

Analytical and Problem-Solving

Risk Analysis : Conduct formal risk analysis to identify potential vulnerabilities.

Problem-Solving : Develop and implement effective solutions to mitigate risks.

Data Analysis : Analyze data to identify trends, assess risks, and make informed decisions.

Decision-Making : Make informed decisions based on risk and compliance analysis.

Continuous Improvement : Promote a culture of continuous improvement in GRC practices.

Qualifications and Experience

Strong background in Information Technology, Cybersecurity, or a related discipline.

Knowledge of frameworks like ISO 27001, NIST, GDPR, and HIPAA.

5-8 years in IT GRC, preferably in the Energy sector.

Hands-On Experience : Identifying, assessing, and mitigating risks.

Practical Application : Applying GRC principles in energy sector

Work Environment & Physical Requirements : -

Location : Pune, India, with intermittent travel to sites.

Team Size : Individual Contributor role.

Physical Activity : Extended periods of concentration, technical hands-on work, and physical activity during site visits.

Reports to : Cyber Security & IT Infrastructure Manager

Why Join ENGIE?

As a Deputy Manager IT-GRC at ENGIE, you will play a pivotal role in safeguarding and improving the Digital & IT landscape of a global leader in energy and sustainability. Drive ENGIE’s mission to achieve a carbon-neutral world through innovative technology solutions. Join us to contribute to a sustainable future and be part of a transformative journey towards a more efficient and eco-friendlier world.

Visit us at www.Engie.Com and www.Engieindia.Com

Create a job alert for this search

Deputy Manager • Pune, Republic Of India, IN

Related jobs

Promoted

H1B Resource Deployment Manager

PTR GlobalNagpur, IN

Pinnacle Group is a nationally recognized leader in workforce solutions, known for delivering high-impact staffing, talent management, and contingent workforce programs. We support some of the most ...Show moreLast updated: 30+ days ago

Promoted

IT Service Management

ISG (Information Services Group)Nagpur, IN

Wanted : dynamic and creative individuals ready to connect with a like-minded team.You’ll enjoy all the autonomy you need to help our clients make their digital infrastructure faster and more effect...Show moreLast updated: 9 days ago

Promoted

BDM (IT Sales) - Outbound Lead Generation (European Market | Remote)

Unico ConnectNagpur, IN

Remote

Business Development Executive – European Market (Remote).Fluent, clear, and professional English communication is mandatory. Business Development Executive.This role involves conducting initial out...Show moreLast updated: 30+ days ago

Promoted
New!

GRC Manager

Kotak Mutual FundRepublic Of India, IN

Position : Governance, Risk & Compliance (GRC) Specialist.We’re seeking a skilled GRC professional to lead governance, risk management, and compliance initiatives across IT and cybersecurity domains...Show moreLast updated: 2 hours ago

Promoted

It Ariba Applications Manager

NouryonRepublic Of India, IN

At Nouryon, our global team of Changemakers takes positive action every day, to reach higher goals collectively and individually. We create innovative and sustainable solutions for our customers to ...Show moreLast updated: 30+ days ago

Promoted
New!

IT Compliance & Controls Manager

BDO IndiaRepublic Of India, IN

Location : Mumbai / Gurgaon / Bangalore.BDO India Services Private Limited is the India member firm of BDO International. BDO India offers strategic, operational, accounting, tax & regulatory advisory an...Show moreLast updated: 2 hours ago

Promoted
New!

It Risk & Control Manager (Mumbai)

Smart IMS Inc.Republic Of India, IN

Singapore to join our team, supporting a global investment bank.The role will sit within the APAC Risk & Controls function of the bank, which works with Application Managers, Enterprise Control fun...Show moreLast updated: 2 hours ago

Promoted
New!

IT Governance Specialist

Kotak Mutual FundRepublic Of India, IN

Promoted
New!

IT Governance & Controls Manager

BDO IndiaRepublic Of India, IN

Core TRA Roles & Responsibilities : .Responsible for managing assurance engagements with a focus on IT risks.Manages a team of IT assurance professionals involved in evaluating and testing ITGCs, con...Show moreLast updated: 2 hours ago

Promoted
New!

Information Technology Governance Manager

Kotak Mutual FundRepublic Of India, IN

Promoted

Lericon Infomatics - SAS Governance / Compliance Manager - IT Risk

Lericon Informatics Pvt. Ltd.India

Description : Job Summary : We are looking for a dedicated SAS Governance Compliance Manager to oversee the...Show moreLast updated: 30+ days ago

Promoted
New!

Risk And Compliance It Cyber Lead

CSI GLOBAL LTDPune, Republic Of India, IN

The Cybersecurity function is responsible for enabling businesses and functions to.Cybersecurity Lead for Risk and Compliance IT is a role supporting the Chief Information.Security Officer for Ente...Show moreLast updated: 12 hours ago

Promoted

Global IT Projects Sourcing Partner

im24x7 Delta Solutions FZCONagpur, IN

Global IT Projects Sourcing Partner.IT projects, clients, and technology opportunities to IM24x7 Delta Solutions.This role is ideal for professionals who have strong connections in the IT industry,...Show moreLast updated: 9 days ago

Promoted

Senior Manager IS Cyber Culture & Awareness

MashreqNagpur, IN

The Cyber Security Awareness Specialist plays a critical role in maturing Mashreq Bank’s cyber security awareness program. The specialist is responsible for fostering a culture where Cybersecurity i...Show moreLast updated: 18 days ago

Promoted

Senior Role - Grc & Infosec

NPCI Bharat BillPay LimitedRepublic Of India, IN

Job Description – GRC (Infosec).The selected candidate will lead the development, implementation, and continuous improvement of the organization's governance, risk management, and compliance framew...Show moreLast updated: 10 days ago

Promoted

IT Project Bidder

im24x7 Delta Solutions FZCONagpur, IN

Location : Remote | Flexible Engagement.We’re looking for a proactive IT Project Bidder to join our growing team — someone who can identify new project opportunities, communicate with clients, and h...Show moreLast updated: 30+ days ago

Promoted
New!

IT Controls & Governance Manager

Smart IMS Inc.Republic Of India, IN

Promoted

Manager - IT Audit

Hashone Careers Private Limited, India

IT Audit Manager is responsible for leading and managing the planning, execution, and reporting of information technology audits and reviews. This role ensures the organization's IT systems and...Show moreLast updated: 17 days ago