Godrej Industries Group

Lead - IT Governance

  • Posted 5 hours ago

Job Description

Job Requirements

Provide independent governance and assurance over the NBFC's technology environment—separate from the IT line—to ensure end‑to‑end compliance with RBI IT Governance, Risk, Controls & Assurance Practices and RBI Outsourcing of IT Services directions, while aligning technology risk management to business objectives and risk appetite. This role reviews, challenges, and validates the effectiveness of IT controls, outsourcing practices (including cloud / SOC), and resilience measures.

Key Responsibilities

  • Independent IT Governance Oversight
      • Operate as an independent checker over IT's policies, standards, and controls; ensure the organization's IT Governance Framework addresses strategic alignment, risk management, resource/performance management, and BCP/DR as required by RBI's IT Master Directions, the DPDP Act and other applicable regulations
  • RBI Compliance
      • Maintain a compliance inventory and gap log; drive remediation with accountable owners in IT/InfoSec
      • Establish and oversee (2LoD) adherence to a Board‑approved IT Outsourcing Policy
      • Verify a central inventory of all IT outsourcing arrangements (materiality classification), due diligence, and contractual safeguards (audit & inspection rights, confidentiality & data protection, data residency/sovereignty, regulatory access, subcontracting controls, BCP/DR, exit/termination, SLA/OLA, performance & risk KRIs)
      • Ensure compliance with legacy and new agreements with specific compliance windows for renewals/new contracts
      • Oversee cross‑border outsourcing risk assessments and controls; ensure cloud usage aligns with Appendix I (controls, location/sovereignty, monitoring) and SOC outsourcing aligns with Appendix II (governance, log ownership, response SLAs)
  • Change, Access & Ops Oversight (Non‑Execution)
      • Independently review change management artefacts (risk impact, approvals, testing, rollback, post‑implementation validations) and patch governance timeliness for critical vulnerabilities
      • Check effectiveness of privileged access controls, SoD, recertifications, and teleworking controls per the Master Direction
      • Validate the adequacy of audit trails/logging and monitoring for systems handling critical/sensitive information
      • Review IS/Cyber policies, risk assessments, VA/PT cadence, and incident response/CCMP execution, including regulatory reporting readiness as per the Master Direction
      • Track KRI/KCI thresholds for cyber/IT risks; escalate breaches per risk appetite to relevant authorities
  • BCP/DR & Resilience Assurance
      • Oversee the BCP/DR testing calendar, scenario coverage, and achievement of RPO/RTO as stipulated

Work Experience

8–10 years

Job ID: 147478405