Job Description – ISO & SOC Compliance Executive (GRC)
Position Title
ISO & SOC Compliance Executive (GRC)
Department
Governance, Risk & Compliance (GRC)
Location
Chennai
Experience
3–5 Years
Employment Type
Full-Time
Reporting To
Head – Governance, Risk & Compliance
About the Role
We are seeking a highly organized and proactive ISO & SOC Compliance Executive (GRC) to manage and coordinate end-to-end certification and compliance activities across the organization. The role will be responsible for implementing, maintaining, and improving management systems and compliance frameworks, including ISO 27001, ISO 9001, ISO 14001, ISO 45001, and SOC 2.
The ideal candidate should possess strong knowledge of compliance standards, audit management, documentation control, risk assessment, and stakeholder coordination to ensure successful certification and ongoing compliance.
Key Responsibilities
Certification Management
- Lead and coordinate end-to-end certification projects for:
- ISO 27001 (Information Security Management System)
- ISO 9001 (Quality Management System)
- ISO 14001 (Environmental Management System)
- ISO 45001 (Occupational Health & Safety Management System)
- SOC 2 Type I & Type II
- Ensure timely completion of certification, surveillance, and recertification audits.
- Coordinate with certification bodies, auditors, consultants, and internal stakeholders.
Compliance Documentation
- Develop, maintain, and update:
- Policies and Procedures
- Standard Operating Procedures (SOPs)
- Risk Registers
- Asset Registers
- Internal Controls Documentation
- Compliance Trackers
- Audit Evidence Repositories
- Ensure all documentation remains current and audit-ready.
Audit & Assessment Management
- Conduct internal audits and compliance reviews.
- Perform gap assessments against ISO and SOC requirements.
- Track audit observations, non-conformities, and corrective actions.
- Ensure timely closure of audit findings.
Risk Management
- Assist in identifying, assessing, and mitigating organizational risks.
- Maintain risk treatment plans and compliance registers.
- Support business continuity and information security initiatives.
Stakeholder Coordination
- Work closely with:
- IT Teams
- HR
- Operations
- Finance
- Legal & Compliance
- External Auditors and Consultants
- Facilitate evidence collection and compliance reporting across departments.
Continuous Improvement
- Recommend process improvements and compliance enhancements.
- Monitor regulatory and certification updates.
- Drive awareness and training initiatives related to compliance standards.
Required Skills & Competencies
Technical Skills
- Strong understanding of:
- ISO 27001
- ISO 9001
- ISO 14001
- ISO 45001
- SOC 2 Framework
- Internal Audit Management
- Risk Assessment & Risk Treatment
- Compliance Documentation & Record Management
- CAPA (Corrective & Preventive Actions)
- Policy Development & Governance Controls
Soft Skills
- Excellent documentation and report-writing skills
- Strong analytical and problem-solving abilities
- Effective stakeholder management
- Project coordination skills
- High attention to detail
- Ability to manage multiple certification projects simultaneously
Educational Qualification
- Bachelor's Degree in Engineering, Computer Science, Information Technology, Business Administration, Quality Management, or a related field.
Preferred Certifications
- ISO 27001 Internal Auditor
- ISO 9001 Internal Auditor
- ISO 14001 Internal Auditor
- ISO 45001 Internal Auditor
- SOC 2 Compliance Exposure
- CISA / CISSP (Added Advantage)
Preferred Experience
- Minimum 3 years of experience in ISO certification and compliance management.
- Experience handling external certification audits.
- Exposure to SOC 2 readiness and audit support.
- Experience in IT Services, Managed Services, Technology, Consulting, or BPO environments.
- Familiarity with Governance, Risk, and Compliance (GRC) processes.
