
IndiGo (InterGlobe Aviation Ltd)

Lead - GRC Risk Management

  • Posted 2 days ago

Job Description

Position Overview

We are seeking an experienced Security GRC (Governance, Risk & Compliance) Lead to own and drive our Risk Management Program. This role will be responsible for defining, implementing, and maturing enterprise-wide information security risk management practices, aligning them with business strategy, regulatory requirements, and industry frameworks.

Key Responsibilities

Risk Management Leadership

  • Lead the design, implementation, and continuous improvement of the Information Security Risk Management framework.
  • Conduct regular risk assessments, control evaluations, and threat modeling across systems, vendors, and business processes.
  • Maintain and continuously enhance the Risk Register, ensuring timely reporting and mitigation tracking.
  • Partner with business and technical stakeholders to drive risk treatment plans and ensure accountability for risk reduction.

Governance & Frameworks

  • Develop, refine, and maintain security policies, standards, and procedures aligned with frameworks such as ISO 27001, NIST CSF, SOC 2, and CIS Controls.
  • Facilitate risk governance committees and ensure effective communication of risk posture to senior management and the Board.
  • Support strategic initiatives related to compliance, audit readiness, and third-party risk management.

Metrics & Reporting

  • Define and deliver Key Risk Indicators (KRIs) and Key Performance Indicators (KPIs) to measure the maturity and effectiveness of security controls.
  • Prepare and present risk reports, dashboards, and heatmaps to executive leadership and audit committees.

Collaboration & Influence

  • Partner with business stakeholders to ensure alignment with regulatory requirements (e.g., GDPR, HIPAA, SOX, PCI-DSS).
  • Serve as a trusted advisor to technology and business teams, helping them make risk-informed decisions.
  • Champion a risk-aware culture through education, communication, and continuous engagement.

Qualifications

Required:

  • Bachelor's degree in Information Security, Computer Science, Risk Management, or related field.
  • 7+ years of experience in Information Security, GRC, or Risk Management, with at least 3 years in a lead or senior role.
  • Strong understanding of information security principles, risk assessment methodologies, and governance frameworks (ISO 27001, NIST, COSO, etc.).
  • Experience with risk management tools (e.g., Archer, ServiceNow GRC, OneTrust, or similar).
  • Exceptional communication skills: able to translate complex risk topics into actionable insights for executives and business partners.

Preferred:

  • Professional certifications such as CISSP, CISM, CRISC, ISO 27001 Lead Implementer, or CGEIT.
  • Experience in cloud risk management (AWS, Azure, GCP).
  • Background in regulatory compliance and third-party risk.

More Info

Job ID: 134560073