Talent.com
This job offer is not available in your country.
Governance, Risk, and Compliance Lead

Governance, Risk, and Compliance Lead

Art Technology and SoftwareKochi, Kerala, India
19 hours ago
Job description

The GRC Lead will be responsible for overseeing the governance, risk management, and compliance functions within the organization.

Responsibilities

  • Strategic Governance & Leadership
  • Lead the design, execution, and maturation of the organization’s comprehensive GRC strategy, encompassing policy governance, risk management frameworks, compliance programs, and continuous improvement initiatives.
  • Own the governance structure including policy lifecycle management, control frameworks, and compliance awareness programs.
  • Align GRC objectives with business goals and regulatory mandates through close collaboration with executive leadership and key stakeholders.
  • Provide leadership, mentoring, and development support to GRC analysts and related teams.
  • Risk Management & Compliance Oversight
  • Direct risk identification, assessment, mitigation strategies, and control effectiveness reviews across the enterprise.
  • Oversee compliance operations including audit management, regulatory assessments, and compliance reporting to ensure adherence to global standards (ISO 27001, NIST, GDPR, PCI-DSS, SOC2).
  • Champion risk appetite definition and risk tolerance monitoring aligned with organizational priorities.
  • Process Improvement & Tooling
  • Guide selection, deployment, and optimization of GRC tools and platforms (e.g., RSA Archer, ServiceNow GRC) to enable scalable risk and compliance management.
  • Drive automation efforts to improve risk intelligence, compliance tracking, and reporting accuracy.
  • Identify and implement best practices and process improvements to enhance operational efficiency and risk visibility.
  • Collaboration & Communication
  • Serve as the primary liaison for GRC matters across IT, Security, Legal, Compliance, and Business units.
  • Translate complex risk and compliance information into clear, actionable recommendations for executive leadership and technical teams.
  • Lead training, awareness programs, and communication efforts to embed a culture of governance and risk mindfulness.
  • Engage with external partners, auditors, and regulators for GRC-related assessments and benchmarking.

Qualifications

  • 7–8 years of progressive experience in Governance, Risk, and Compliance within cybersecurity or related fields.
  • Proven leadership in managing GRC programs, teams, and strategic initiatives.
  • Deep expertise in regulatory standards and frameworks (ISO 27001, NIST, GDPR, PCI-DSS, SOC2).
  • Strong background with GRC platforms such as RSA Archer, ServiceNow GRC, or similar.
  • Experience managing audits, risk assessments, compliance initiatives, and regulatory interactions.
  • Excellent strategic thinking, interpersonal, and communication skills.
  • Relevant certifications such as CISA, CISM, CISSP, CRISC, or PMP are highly desirable.

    • Required Skills

  • Experience with GRC automation and integration within DevSecOps or cloud security contexts.
  • Familiarity with IT and security control frameworks (CIS Controls, MITRE ATT&CK).
  • Industry experience in regulated sectors like finance, healthcare, or government.
  • Strong analytical and problem-solving skills with a data-driven mindset.

    • Preferred Skills

  • Strategic and visionary leader with the ability to influence at all levels.
  • Collaborative and team-oriented approach with proven mentoring skills.
  • Detail-oriented, quality-focused, and proactive in risk anticipation.
  • Passionate about continuous learning and adapting to emerging cybersecurity trends.
    • Create a job alert for this search

    Governance And Compliance Lead • Kochi, Kerala, India