GRC Jobs in Mumbai

Job Title: Assistant Manager / Deputy Manager IT Security Location: Mumbai Education: Graduate / Post-Graduate Experience: 4 10 years in IT & IT Security (minimum 2 years in a relevant security role) Role Overview We are seeking a driven and technically skilled Assistant Manager / Deputy Manager IT Security to join our cybersecurity team in Mumbai. This role focuses on Vulnerability Management, Penetration Testing, and Security Assessments across infrastructure and applications. You ll play a key role in identifying security risks, conducting security testing, and ensuring the overall resilience of our systems against evolving cyber threats. Key Responsibilities Perform Vulnerability Assessments and Penetration Testing (VAPT) on network infrastructure, web and mobile applications, and thick-client applications. Conduct configuration reviews for operating systems (Linux, UNIX, Windows) and databases, as well as security devices such as firewalls, routers, and switches. Perform manual and automated web application testing. Conduct source code reviews using both automated tools and manual techniques. Prepare comprehensive technical reports, including risk ratings and mitigation strategies. Ensure timely delivery of status updates, findings, and final reports to stakeholders. Collaborate with development and production teams for false-positive elimination. Stay updated with the latest threats, vulnerabilities, attack vectors, and exploits. Create and share threat intelligence reports on emerging security threats. Conduct cyberattack simulations and Red Team exercises to assess organizational preparedness. Support the design and evaluation of security architectures for infrastructure and applications. Required Skills & Experience Technical Experience (minimum 2 years in the below areas): Vulnerability Assessment and Penetration Testing (VAPT) Application Security Testing (Web, Mobile, APIs, Thick Clients) Patch Management and System Hardening Network Security Architecture Review Cybersecurity assessments and Red Teaming Security architecture design and review Hands-on experience with security tools such as: Nessus, Acunetix, IBM AppScan, nmap, Burp Suite, etc. Strong knowledge of Linux / UNIX systems (e.g., IBM AIX, Sun Solaris, HP UX) Familiarity with Active Directory and identity/access management Solid understanding of security frameworks and compliance requirements Experience preparing professional-grade PowerPoint presentations for technical/non-technical stakeholders Core Competencies Analytical Thinking: Ability to break down complex issues into actionable insights. Problem Solving: Strong troubleshooting skills in a dynamic IT security environment. Communication: Excellent written and verbal skills; capable of conveying complex security topics to different audiences. Collaboration: Proven ability to work across departments to deliver cohesive security solutions. Attention to Detail: High standard of accuracy in testing, documentation, and reporting. Work on cutting-edge security assessments across diverse platforms. Collaborate with a highly skilled team of cybersecurity professionals. Engage in Red Team operations and real-world attack simulations. Stay ahead with continuous learning in the ever-evolving threat landscape. Be a key player in strengthening the organization's overall security posture. Qualification : Graduate / Post-Graduate

Position: Compliance Executive Location: Mumbai Qualification: Graduate Experience: 0 to 2 years Job Description: As a Compliance Executive, you will play a key role in supporting the compliance function within the organization. You will assist in maintaining regulatory adherence, supporting internal policy development, and ensuring that all compliance activities are efficiently tracked and documented. Key Responsibilities: Regulatory Compliance: Track and maintain an updated repository of RBI circulars, notifications, and guidelines that affect NBFCs. Assist in managing compliance checklists and ensure adherence to internal and regulatory timelines. Monitoring & Reporting: Support compliance testing efforts and help identify any gaps or deviations in compliance practices. Prepare and assist in generating compliance status reports and dashboards for internal review. Draft and maintain periodic compliance notes and reports. Policy & Documentation Support: Help in drafting, reviewing, and updating policies, Standard Operating Procedures (SOPs), and compliance manuals. Ensure all compliance-related documents are kept up to date. RBI Correspondence: Assist the Chief Compliance Officer (CCO) in compiling data and preparing documentation for RBI queries, inspections, and supervisory visits. Coordinate internally to gather data for compliance submissions and ensure timely follow-ups. Training & Awareness: Support compliance awareness programs across departments by helping organize training sessions and facilitating internal communications regarding compliance updates. Key Qualifications & Skills: Basic understanding of RBI regulations relevant to NBFCs. Proficiency in MS Excel, Word, and PowerPoint for handling data and preparing reports. Strong attention to detail, particularly in documentation and follow-ups. Good communication skills and the ability to analyze compliance-related issues effectively. Qualification : Graduate

Description Job Requirements Job Title Associate Compliance Place of work - Mumbai Business Unit - Retail Banking Function Compliance Job Purpose: The role entails the responsibility to support Compliance Manager in ensuring bank's policies and procedures comply with regulatory and ethical standards. It includes evaluating all current and new compliance regulations, reviewing bank's processes, and leading training sessions. Roles & Responsibilities: Tracking, monitoring, validating and responding to ad-hoc RBI queries and data requests received from RBI by coordinating with internal stakeholders. Maintain daily, weekly and monthly MIS reports on status of ad-hoc queries and data requests received from RBI. Coordinate with internal & external auditors during audits and examinations, ensuring timely and accurate communication. Coordinate with RBI and Bank s Senior Management for data requirements, meetings, and responses to draft observations, etc., during the RBI inspection. Assist in the submission of RBS data and other regulatory requirements. Coordinate with Compliance Advisory team for review of ad-hoc submission and RBI Inspection related submissions. Monitoring timely submission of Regulatory requirements. Tracking, monitoring, validating and responding to the queries and data requests received from SLBC. Maintain MIS of Incognito Visit, RBI training, internal/external training for presenting in Board, ACB and other Management Committees Obtaining the required approvals/ clarifications from the Regulators. Maintaining the records of all Regulatory/ Statutory Communications in hard as well as soft copies. Educational Qualifications: Graduate - Any Experience: Minimum of 1 -3+ years in Compliance, Audit, Risk other Support functions

Job Title: Deputy Manager IT Governance Location: Mumbai Experience: 6 10 Years Employment Type: Full-Time Education: Graduate in any discipline Designation: Deputy Manager Position Summary We are looking for a highly skilled and experienced Deputy Manager IT Governance to lead and support IT governance, risk management, and compliance initiatives. The ideal candidate will have a solid foundation in IT audit, risk lifecycle management, compliance frameworks (e.g., PCI-DSS, COBIT, NIST, GDPR), and demonstrated experience in aligning IT strategy with organizational goals. Key Responsibilities Governance, Risk & Compliance (GRC) Oversee risk assessments, remediation, monitoring, and governance activities across IT processes. Implement and manage risk mitigation plans and ensure periodic reviews of entitlement and access. Maintain risk registers and risk heat maps; track closure of identified risks within set timelines. Collaborate with cross-functional teams (IT, Legal, HR, Admin, etc.) to ensure strong internal controls. Conduct and support internal and external IT audits, including those required by CAG and under Companies Act 2013. IT Governance Framework Implementation Assist in deploying IT governance frameworks such as COBIT and ITIL to define roles, accountability, and decision-making across IT. Develop, maintain, and communicate IT policies, ensuring alignment with business objectives and compliance requirements. Contribute to lifecycle management of IT policies and procedures creation, approval, communication, and revision. Strategic Planning & Performance Management Align IT initiatives and investments with business strategy and measurable objectives. Track key IT performance indicators (KPIs) and drive value through IT performance and service delivery. Identify opportunities for continuous improvement in IT governance and operations. Compliance & Regulatory Alignment Ensure compliance with internal policies and external regulations such as GDPR, RBI, SEBI guidelines, and PCI-DSS. Provide support during regulatory audits and ensure timely closure of compliance gaps. Work on financial, HR, corporate governance, and administrative audits to ensure holistic risk coverage. Stakeholder Management & Communication Liaise with business units and senior management to communicate IT governance priorities and risks. Prepare governance meeting materials, track action items, and ensure alignment across business and IT functions. Educate internal stakeholders on risk awareness, compliance best practices, and IT governance principles. Required Experience & Skills Experience: 6+ years of experience in IT, including 3+ years in IT Governance, Risk Management, Compliance, or IT Audit. Preferred exposure to both public sector and private enterprise audits. Technical Knowledge: Deep understanding of frameworks such as COBIT, ITIL, NIST, PCI-DSS, ISO27001, SOX. Familiarity with application security, data privacy, identity & access management, and information security domains. Knowledge of GDPR, IT regulatory compliance, and internal controls. Skills: Strong communication and presentation abilities with the capability to influence stakeholders across all levels. Analytical, structured thinking with experience in MIS reporting, governance documentation, and RCA preparation. Familiarity with security incident response and entitlement management. Ability to manage cross-functional projects and drive change. Desirable Certifications (Preferred but not Mandatory) CISA, CISM, CRISC, CGEIT, ITIL, ISO 27001 Lead Auditor/Implementer, PMP Play a pivotal role in shaping IT governance and compliance frameworks. Contribute to strategic business planning by aligning IT with enterprise risk goals. Gain exposure to regulatory and statutory audit processes, including CAG and Companies Act compliance. Qualification : Graduate in any discipline

Job Title: Principal Project Director Operational Risk Management Location: Mumbai, India Experience: 9+ Years About the Role: We are seeking an experienced and dynamic Principal Project Director to lead high-impact projects in operational risk management for financial institutions. In this leadership role, you will manage client engagements, mentor project teams, and provide strategic insights across various risk domains. This is an exciting opportunity for professionals who thrive in fast-paced, global environments and seek to make a tangible impact within the financial services industry. Your Future Employer: A global consulting and technology solutions firm partnering with leading organizations in the financial services sector. Headquartered in India, the firm has a growing international presence and drives digital transformation and regulatory compliance across the APAC, Middle East, and Africa regions. Key Responsibilities: Lead and manage complex projects in operational risk management, including internal controls, SOP development, third-party risk, incident management, and business continuity. Review and validate policies, procedures, frameworks, and risk-control matrices, and actively contribute to Risk Control Self-Assessment (RCSA) initiatives. Independently engage with stakeholders to plan and execute assessments, interpret results, and present documentation that aligns with regulatory requirements. Collaborate with cross-functional teams to define Key Risk Indicators (KRIs), monitor risk thresholds, and integrate incident reporting with loss data frameworks. Contribute to proposal preparation, client presentations, and thought leadership initiatives. Mentor team members and drive project delivery excellence across various risk domains. Key Requirements: 9 12 years of relevant experience in operational risk, fraud risk, internal controls, and related areas, preferably in the BFSI sector or consulting. Educational background in CA, MBA, or other relevant master's programs. Preferred certifications in Project Management or Operational Risk Management (ORM). Strong knowledge of global and Indian risk frameworks and financial services regulations (RBI, SEBI, IRDA). Exposure to GRC tools (e.g., MetricStream, SAP GRC) and strong stakeholder management and team leadership skills. What s in it for You: Lead critical consulting projects for top-tier clients across geographies. Gain exposure to cutting-edge risk management methodologies and global standards. High-ownership role with the flexibility to innovate and influence strategic engagements. Work in a collaborative environment with robust mentoring and leadership support. Attractive performance-based incentives and opportunities for fast-track career growth. Qualification : Educational background in CA, MBA, or other relevant master's programs.