Description :

Job Role - Governance Risk and Compliance (GRC) Specialist

Experience - 3-8 years

Location - New Delhi

Key Responsibilities:

Governance & Policy Management:

• Develop, implement, and maintain GRC policies, procedures, and frameworks in alignment with industry regulations and standards.
• Ensure adherence to regulatory requirements and corporate governance principles.
• Provide expert advice on corporate compliance programs, risk frameworks, and security governance.
• Collaborate with leadership to align risk management strategies with business objectives.

Risk Management:

• Identify, assess, and mitigate enterprise risks, including IT risk, operational risk, and cybersecurity threats.
• Conduct risk assessments, gap analyses, and vulnerability assessments to identify weaknesses in security controls.
• Implement and monitor risk mitigation strategies and control measures.
• Develop and oversee business continuity and disaster recovery (BC/DR) plans.

Compliance & Audit:

• Conduct compliance assessments and audits to ensure adherence to regulatory requirements (GDPR, HIPAA, SOX, PCI-DSS, ISO 27001, etc.).
• Liaise with internal and external auditors to support audit readiness and remediation efforts.
• Maintain compliance documentation, risk registers, and audit trails.
• Stay updated on regulatory changes and advise leadership on necessary compliance adjustments.

Security & Incident Management:

• Support the implementation of cybersecurity frameworks and best practices.
• Assist in incident response planning and coordinate with security teams to mitigate threats.
• Ensure security policies align with NIST, CIS, and other industry frameworks.

Training & Awareness:

• Conduct GRC training programs for employees on compliance, security awareness, and risk management.
• Promote a culture of risk awareness and ethical business practices.