Description
Job Role:
• Lead the Technology GRC function to deliver business objectives
• Develop, implement and enhance GRC policies/frameworks as per best practices/regulatory mandates
• Assess implementation of the regulatory mandates for Technology and cyber security
• Develop vendor risk management frameworks
• Conduct data flow analysis to identify and mitigate data security risks
• Develop and implement Data Privacy Frameworks as per the regulatory requirements
• Define, monitor & report Key Risk Indicators (KRIs) for various Technology domains
• Conduct thematic reviews for critical technology Infrastructure
• Collaborate with other risk partners, such as Enterprise Risk Management, Operational Risk Management, business functions, etc.
• Conduct security/risk awareness, provide education and training to employees/vendors
• Create and maintain an external network with other senior IT risk managers and relevant risk forums
Qualifications:
• Bachelor’s or Master’s degree in any discipline
• 15+ years of experience
• Analytical capabilities to analyze and detect prospective risks and vulnerabilities.
• Excellent written and verbal communication skills.
• Understanding of the business environment, ability to comprehend how businesses operate, policies work, and how to recognize internal and external risks.
• Excellent interpersonal skills and the ability to build productive, trusting relationships with other IT and business stakeholders
• Thorough understanding of Risk Management Frameworks/standards such as ISO, NIST, etc.