Leadership in GRC Framework Development: Spearhead the creation, implementation, and continuous enhancement of JioStar's GRC framework, ensuring alignment with organizational goals, industry best practices, and regulatory mandates
Develop policies, standards, and procedures that promote governance and accountability
Risk Management: Oversee enterprise-wide risk assessments to identify, analyze, and prioritize risks across operational, IT, cybersecurity, and compliance domains
Design and implement risk mitigation strategies, ensuring proactive monitoring and reporting to senior leadership
Compliance with Indian and International Regulations: Ensure adherence to relevant laws and standards, including the Information Technology Act (India), Digital Personal Data Protection Act (DPDPA), GDPR, ISO 27001, SOC 2, and PCI DSS
Stay abreast of evolving regulatory landscapes and adapt compliance programs accordingly
Audit Management: Lead internal and external audit processes, coordinating with stakeholders to prepare documentation, facilitate audits, and address findings. Ensure timely remediation of gaps and maintain audit readiness at all times
Fostering a Security Culture: Champion security awareness and compliance training initiatives to embed a culture of responsibility and vigilance across all levels of the organization
Engage with cross-functional teams to promote best practices in data protection and ethical conduct
Policy Development and Implementation: Draft, review, and update GRC policies and procedures, ensuring they reflect current risks, regulatory requirements, and technological advancements in the digital services sector
Third-Party Risk Oversight: Develop and manage a vendor risk assessment program to evaluate and monitor compliance and security risks associated with external partners and service providers
Strategic Reporting: Provide regular updates, dashboards, and actionable insights on GRC performance, risk posture, and compliance status to executive leadership and relevant committees
Collaboration and Leadership: Work closely with IT, legal, and business units to align GRC initiatives with operational needs