Job Description
Required Knowledge & Skills
- 2-3 years of experience in GRC, Information Security, or Compliance roles, preferably in a FinTech or financial services environment.
- Strong knowledge of PCI DSS, ISO 27001, SOC 2, GDPR, RBI guidelines, and other financial regulatory frameworks.
- Experience conducting internal audits, risk assessments, and compliance reviews.
- Familiarity with GRC tools and risk management frameworks (e.g., NIST, COSO, COBIT).
- Strong analytical, problem-solving, and stakeholder management skills.
Educational & Professional Credentials
- Bachelor’s degree in Information Technology or Computer Science (e.g., MSc Computer Science, B.Tech) or an equivalent technical background.
- Certifications: CISA, CISM, CRISC, CISSP, ISO 27001 Lead Auditor, PCI ISA/QSA.
- Experience working with payment systems, digital banking, remittances, or forex operations.
- Knowledge of third-party risk management (TPRM) and security governance models.
Role Overview:
The GRC Manager will be responsible for establishing, implementing, and overseeing Governance, Risk, and Compliance frameworks within the company. This role ensures compliance with PCI DSS, ISO 27001, and other regulatory requirements, while also managing risks related to financial transactions, data security, and operational processes in a FinTech environment.
Governance & Compliance:
- Implement and maintain PCI DSS, ISO 27001, and other applicable compliance frameworks.
- Develop and enforce policies, procedures, and controls to meet regulatory and industry standards.
- Conduct periodic gap assessments and audits to ensure compliance with relevant security and privacy regulations (e.g., RBI guidelines, GDPR, etc.).
- Collaborate with internal teams (Security, IT, Legal, Product) to ensure compliance is embedded in all business processes.
- Stay updated on regulatory changes and proactively implement necessary compliance measures.
Risk Management:
- Develop and manage the Enterprise Risk Management (ERM) framework, identifying, assessing, and mitigating risks related to cybersecurity, operations, and third-party vendors.
- Conduct risk assessments and business impact analyses to identify vulnerabilities in processes and technology.
- Oversee third-party/vendor risk management to ensure compliance with security and privacy requirements.
- Monitor key risk indicators (KRIs) and report findings to senior management.
Audit & Incident Management:
- Lead internal and external audits related to PCI DSS and ISO 27001 compliance.
- Coordinate with auditors and regulators to address compliance gaps and implement corrective actions.
- Establish and oversee incident response protocols to ensure swift action in case of security breaches or compliance violations.
- Conduct root cause analysis (RCA) for compliance issues and implement continuous improvement measures.
Training & Awareness:
- Conduct employee training programs on risk, compliance, and security best practices.
- Promote a strong compliance culture within the organization through regular awareness campaigns.
Next Steps
If you are interested in this role, please email your latest profile/resume, your current salary and your expected salary to neha.acharekar@riskpro.in
About Riskpro
Riskpro India is a specialized Risk Management consulting company. It is managed by experienced professionals with experience across various industries. With offices in Mumbai, Delhi, Bangalore, Chennai, Pune and Kolkata, we are one of the fastest growing risk consulting firms in India. We have been in business for 12+ years, have served 850+ clients in 7+ cities, have associate representation in 500+ cities, and have 90+ team members and 10 strategic partners.
Our 5 Business Verticals:
- Risk Advisory – We conduct Risk based internal audits, SOPs, ERM, legal compliance audits, IFC, Risk Library, etc.
- IT Advisory – We conduct IT audits, GDPR, SSAE18, HIPAA compliance, 21 CFR, etc.
- GRC Technology – We provide software for Compliance management, Internal audit, Risk management, Contract management, Vendor Risk Management, etc.
- GRC Trainings – We conduct in-person/online trainings on topics like ERM, Risk assessment, AML, Fraud risk, Information security among others.
- GRC Recruitment – We provide full/part time internal auditors, virtual risk managers and independent directors for corporates.
Please feel free to visit our website www.riskpro.in for more details.
Why Riskpro
Riskpro provides a platform for people to associate with us. When you associate with Riskpro, you can build your own set of clients and leverage the brand to win clients and business for yourself. It is a one-of-its-kind business model that offers you the flexibility and freedom of an independent professional, as well as the corporate and brand backing of an established firm.