Review and update security policies, procedures and standards in line with regulatory and industry best practices.
Ensure communication & enforcement of policies across departments.
Provide periodic risk & compliance reports to senior management & regulators.
Maintain dashboards for audit status, risk postures & compliance metrics.
Collaborate with business units, IT & security teams to address audit and compliance requirements.
Act as a liaison with regulators & certification bodies during inspections & audits.
Mentor & guide the Audit & GRC team to enhance skills & performance.
Ensure timely completion of assigned tasks & adherence to SLAs.
Identify gaps in the current GRC processes and recommend improvements.
Stay updated with emerging regulatory changes and industry standards.
Build and mentor a high-performing Audit & GRC team.
Ensure implementation and maintenance of the organisation's GRC framework.
Monitor compliance with regulatory requirements (e.g. RBI, ISO 27001, PCI-DSS).
Develop and update risk registers, ensuring timely risk assessments & mitigation plans.
Drive risk acceptance and exception processes with proper documentation & approvals.
Prepare annual audit plans covering IT, cybersecurity & operational processes.
Conduct internal audits & coordinate with external auditors for regulatory and certification audits.
Ensure timely closure of audit findings & track remediation progress.
Skills Required:
ISO 27001, PCI-DSS, GRC, IS Audit
Certification: ISO 27001, CISA (Mandatory); CEH, CCNA (Optional)