Responsibilities
- Develop, implement, and maintain internal policies, procedures, and controls to ensure adherence to SEBI regulations, internal guidelines, and industry best practices.
- Assist in establishing and maintaining robust corporate governance structures, including defining roles, responsibilities, and reporting lines with regard to information security.
- Prepare and present regular reports on GRC matters to senior management and relevant committees.
- Facilitate internal and external audits, ensuring timely provision of information and resolution of findings.
- Maintain oversight of the first line of defence, on both an ad hoc and a continuous basis.
- Identify, assess, and prioritise operational, financial, regulatory, technological (including cybersecurity), and reputational risks pertinent to the PMS business.
- Develop and implement risk mitigation strategies and action plans.
- Conduct regular risk assessments and maintain a comprehensive risk register, including risk appetite and tolerance levels.
- Monitor key risk indicators (KRIs) and report on the effectiveness of risk management controls.
- Ensure adherence to SEBI's guidelines on Cyber Security and Cyber Resilience Framework for Portfolio Managers or any other relevant regulations.
- Implement and monitor adherence to robust incident management and business continuity plans.
- Maintain adequate adherence to internal policies.
- Maintain complete adherence to all regulatory guidelines.
- Work closely with internal audit to minimise infosec observations and deviations.
- Ensure internal controls are in place from an information security perspective at all times, including key deviations and conditional sign-offs.
- Assist the legal team in ensuring the timely and accurate submission of all regulatory filings and reports to SEBI and other relevant authorities.
- Conduct periodic compliance reviews and audits to assess adherence to regulatory requirements and internal policies.
- Develop and deliver compliance training programs for employees to foster a strong culture of compliance.
- Ensure all marketing materials and client communications comply with the SEBI advertising code and disclosure norms.
- Oversee third-party risk management, ensuring vendors and service providers adhere to required compliance and security standards.
Requirements
- Experience: 3-6 years of experience in Governance, Risk, and Compliance roles within the financial services industry, preferably with a SEBI-regulated entity (PMS, AMC, Stock Broker, etc.).
- Certifications: CISA, CISSP, CEH, and CISM.
- Regulatory Knowledge: In-depth understanding of SEBI (Portfolio Managers) Regulation and other relevant SEBI regulations, circulars, and guidelines.
- GRC Frameworks: Familiarity with GRC frameworks (e.g., ISO 27001, NIST) and best practices.
- Analytical Skills: Strong analytical, problem-solving, and critical thinking abilities to identify complex issues and propose effective solutions.
- Communication: Excellent written and verbal communication skills, with the ability to articulate complex regulatory requirements clearly and concisely to diverse stakeholders.
- Attention to Detail: Meticulous attention to detail and a high degree of accuracy in all work.
- Proactive and Self-Starter: Ability to work independently, prioritise tasks, and manage multiple deadlines in a fast-paced environment.
- Technology Proficiency: Proficiency in GRC software/tools (Archer, Sprinto, Scrut) and MS Office Suite (Excel, Word, PowerPoint).
This job was posted by Simran Taneja from Dezerv.