Governance, Risk and Compliance (GRC) - Risk & Compliance Manager (Experience: 10-12 years)
- Functional experience in the domains of Governance, Enterprise Risk Management and Regulatory Compliance.
- Experience in regulatory compliance, such as the Sarbanes-Oxley Act (SOX), the General Data Protection Regulation (GDPR), GxP compliance, etc.
- A solid understanding of IT control frameworks and IT general controls
- Working knowledge of the overall risk management process, that is, conducting or participating in internal/external risk assessments and the remediation process.
- Must have experience in conducting risk, compliance & audit programs
- Experience in managing large-scale information security projects
- Experience across multiple information security domains, i.e. IT regulatory/policy compliance, IS governance, risk management, IT infrastructure security
- Good technical awareness of information security & IT network/infrastructure components
- Open to learning and working on new domains and technology
- Open to travelling onsite for the long term as well as the short term.
- Good written and spoken communication skills
- Perform independent assessments & recommend mitigation strategies for clients' governance, risk & compliance environments, such as SOX, GxP, GDPR compliance, etc.
- Participates in process and control documentation pertaining to controls implementation.
- Participates in regulatory audits (process and IT) and management reporting.
- Facilitates IT governance implementation.
- Research and development in best practices around core business processes and IT security.
- Develop service offerings for various industry regulatory and compliance requirements.
- Development and implementation of operational and enterprise risk frameworks.
- Liaise with client counterparts for compliance reporting & continually enhance the risk & compliance framework implemented for the project.
- Drive & participate in different risk, compliance & audit programs and support all external/internal compliance assessments
- Drive/assist closure of audit non-conformities
- Monitor compliance with various contractual IT security requirements, customer policies/procedures
- Ensure relevant data privacy controls are deployed and GDPR requirements are monitored
- Point of contact for reporting & investigation of any relevant data breach
- Perform assessments to ensure that data privacy requirements are met
- Perform Delivery Center Assessment and submit report with mitigation/management response
B.E/B.Tech/Bachelor in Technology
CISA/CISM/CISSP certification, ISO 27001 (Lead Auditor) preferred
We are looking for functional consultants who have extensive experience in policy and process definition and enforcement.