Macpower Digital Assets Edge

GRC Lead - IT Risk Management & Compliance

Macpower Digital Assets Edge, Cupertino, California, United States, 95014

Job Overview:

We are looking for an experienced GRC Lead with 8+ years of expertise in IT Risk Management, Audit, and Compliance. The ideal candidate should have a strong understanding of ISO 27001, NIST 800-53, vendor security assessments, and cloud security controls.

Key Responsibilities:

Lead IT Risk Management, Audit, and Compliance efforts.
Implement ISO 27K controls annexures and strategies.
Conduct IT security assessments, including audits, vulnerability scanning, and policy reviews.
Perform third-party security risk assessments based on ISO 27001 and NIST 800-53.
Review supplier technical documentation and vendor security controls.
Identify and measure risks associated with vendor security.
Document and track risks and recommendations for vendor security gaps.
Coordinate and perform vendor security reviews.
Ensure compliance with cloud-based technologies (IaaS, SaaS) and data protection requirements.
Assess business and security risks across multiple global geographies and suppliers.
Perform security audits against published standards.
Maintain strong customer service and attention to detail.
Work independently, setting goals and priorities.

Must-Have Skills:

7+ years of experience in Cyber Security, GRC, and Data Security.
Strong expertise in ISO 27001 and NIST 800-53 for third-party security risk assessments.
Experience in identifying and measuring vendor security risks.
Deep understanding of ISO 27K controls annexures and implementation strategies.
Strong background in IT Risk Management, Audit, and Compliance.
Excellent communication skills to work with technical and non-technical teams.

Preferred Qualifications:

ISO 27001 LA/LI certification.
Bachelor's degree in Computer Science, Information Security, or a related field.
Minimum two years of recent experience in information systems audit or security reviews.
Strong problem-solving and analytical skills.