Job Title: Manager / Senior Manager – GRC (Governance, Risk & Compliance)
Location: Bangalore
Experience: 6+ Years
Notice Period: Immediate / Early Joiners Preferred
Employment Type: Full-Time

Role Overview

We are looking for an experienced GRC Manager / Senior Manager to lead and strengthen enterprise governance, risk, and compliance programs. The role requires hands-on expertise in ISMS implementation, Third-Party Risk Management (TPRM), and GitOps-driven governance controls, with the ability to align security frameworks to business and technology operations.

This is a techno-functional GRC role requiring strong regulatory understanding along with exposure to DevOps / GitOps environments.

Key Responsibilities

1. Governance & ISMS
- Lead end-to-end ISMS implementation, maintenance, and certification support (ISO 27001).
- Conduct risk assessments, control design, and gap analysis.
- Define and monitor policies, standards, procedures, and control frameworks.
- Drive internal audits, surveillance audits, and remediation tracking.
- Ensure alignment with global standards such as NIST, SOC 2, RBI/SEBI guidelines (where applicable).

2. Third-Party Risk Management (TPRM)
- Design and manage the third-party risk lifecycle (onboarding, assessment, monitoring, exit).
- Perform vendor risk assessments, due diligence reviews, and risk scoring.
- Track remediation plans and ensure risk closure within timelines.
- Engage with procurement, legal, and business stakeholders for risk sign-offs.

3. GitOps & DevSecOps Governance
- Embed governance controls within GitOps workflows.
- Collaborate with DevOps teams to ensure secure CI/CD pipelines.
- Review and validate Infrastructure-as-Code (IaC) governance controls.
- Define risk policies aligned with automated deployment models.
- Ensure version control, change traceability, and policy-as-code alignment.

4. Risk & Compliance Management
- Lead enterprise risk assessments and risk register management.
- Support regulatory audits and compliance reporting.
- Develop KRIs, dashboards, and executive reporting.
- Drive continuous improvement initiatives across governance processes.

5. Leadership (Manager / Senior Manager Level)
- Manage and mentor GRC teams.
- Interface with CXO-level stakeholders.
- Support business development and proposal inputs (for consulting environments).
- Lead large, complex GRC engagements independently (Senior Manager).

Required Skills & Experience
- 6+ years of relevant experience in GRC / ISMS / TPRM
- Strong hands-on experience in ISO 27001 ISMS
- Experience in designing and managing TPRM programs
- Practical exposure to GitOps / DevOps governance
- Understanding of CI/CD security controls
- Strong knowledge of risk frameworks (NIST, ISO, SOC 2)
- Experience handling internal and external audits
- Excellent stakeholder management and communication skills

Preferred Certifications
- ISO 27001 Lead Implementer / Lead Auditor
- CISA / CISM / CRISC
- Any DevSecOps / Cloud Security certification (added advantage)
Job Title
GRC (Governance, Risk & Compliance) - Manager / Senior Manager