GRC Framework Development: Design, implement, and continuously improve JioStar's GRC framework aligned with organizational goals, best practices, and regulatory mandates.
Policy & Procedure Development: Create and maintain governance policies, standards, and procedures promoting accountability and compliance.
Risk Management: Conduct enterprise-wide risk assessments across operational, IT, cybersecurity, and compliance domains; implement risk mitigation strategies and monitor effectiveness.
Regulatory Compliance: Ensure adherence to Indian and international regulations including the Information Technology Act (India), DPDPA, GDPR, ISO 27001, SOC 2, and PCI DSS.
Audit Management: Lead internal and external audits, coordinate documentation, facilitate audits, and ensure timely remediation of findings.
Security Culture: Champion security awareness and compliance training programs to instill vigilance across the organization.
Third-Party Risk Oversight: Develop and manage vendor risk assessment programs to monitor compliance and security risks.
Strategic Reporting: Provide dashboards and actionable insights on GRC performance, risk posture, and compliance status to executive leadership.
Collaboration & Leadership: Work closely with IT, legal, and business teams to align GRC initiatives with operational objectives; mentor and lead a team of GRC professionals.
Tooling & Automation: Implement automation in control testing, evidence collection, and exception workflows using GRC tools.
