GRC Manager - Cyber

Job Description

Job Title: GRC Deputy Manager / Manager Location: Gurgaon Experience: 4+ Years Employment Type: Full-Time Join Time: Immediate joiners preferred Job Summary: We are looking for an experienced GRC Professional to join our Gurgaon office. The ideal candidate will be responsible for managing and enhancing our Governance, Risk, and Compliance (GRC) framework, with a strong emphasis on risk management, regulatory compliance, security governance, and business continuity planning. This role is critical in ensuring that our IT operations align with regulatory standards, industry best practices, and organizational risk appetite. Key Responsibilities: GRC Strategy & Framework: Develop, implement, and maintain policies, procedures, and controls aligned with industry standards such as ISO 27001, NIST, and regulatory requirements (e.g., GDPR, RBI, SEBI). Monitor and assess the effectiveness of the organization's internal controls and GRC framework. Perform periodic risk assessments and control testing to ensure compliance and identify potential areas of improvement. Security & Compliance Oversight: Oversee governance for key security tools and technologies (e.g., SIEM, DLP, EDR, IAM). Coordinate with security operations to ensure compliance with policies and address vulnerabilities. Support compliance audits, prepare documentation, and track remediation activities. Business Continuity Management (BCM): Maintain and enhance the organization's Business Continuity Management System (BCMS) . Conduct Business Impact Analysis (BIA) and support the development, testing, and maintenance of Business Continuity Plans (BCPs) and Disaster Recovery Plans (DRPs) . Stakeholder Collaboration & Reporting: Work closely with cross-functional teams including IT, InfoSec, Legal, and Internal Audit. Prepare and deliver regular reports on risk posture, compliance status, and control effectiveness to senior management. Support internal training and awareness programs related to GRC and security compliance. Qualifications: Bachelor’s degree in Information Technology, Computer Science, Cybersecurity, or a related field. Minimum of 4 years of experience in GRC, risk management, IT audit, or related roles. Solid understanding of GRC frameworks, standards, and regulatory environments. Hands-on experience with security tools governance and policy enforcement. Preferred Certifications (Nice to Have): ISO 27001 Lead Auditor/Implementer, CISA, CRISC, CISSP, or equivalent. Show more Show less