Job Description
Job Description - Technology - GRC Manager - C1
Role Purpose: As GRC (Governance, Risk, and Compliance) Manager is responsible for overseeing and managing the risk assessment, remediation, and monitoring of information and technology process risks. This role involves ensuring that all risk and compliance activities are performed effectively by various control functions. The GRC Manager also serves as an internal consultant, providing guidance to operating functions and business lines on risk-related matters. Additionally, they are tasked with identifying, assessing, quantifying, reporting, communicating, mitigating, and monitoring process risks to ensure the organization's overall security and compliance posture.
Want more jobs like this?
Get jobs in Bangalore, India delivered to your inbox every week.
Responsibilities:
- Ensure strong governance on risk and compliance performed by various control functions.
- Manage risk assessment, remediation, and monitoring of information and technology process risks.
- Serve as an internal risk consultant to operating functions and business lines.
- Identify, assess, quantify, report, communicate, mitigate, and monitor process risks.
- Support the implementation of information security policies.
- Discuss risk closure, mitigation, and acceptance with stakeholders.
- Ensure periodic entitlement reviews are completed, and risks are managed to an acceptable level.
- Collaborate with control functions to track and mitigate identified risks.
- Work with technology leaders to identify control gaps.
- Act as a subject matter expert for risk and controls related to operations.
- Maintain strong working relationships with stakeholders.
- Review and refine policies and processes based on industry best practices.
- Track identified risks and ensured their closure within defined timelines.
- Prepare and maintain risk heat maps and risk registers.
Required Skills:
- Excellent executive-level communication skills.
- Strong working relationships with team members and the ability to motivate them.
- Knowledge in areas such as Application Security, Data Security, Identity Access Management, Information, Infrastructure Technology, GDPR, and ISO Audits.
- Solid understanding of Risk Management Lifecycle and exposure to standards like SOX, COBIT, PCI-DSS, NIST Control, etc.
- Understanding of Security incident response aspects is desirable.
- Good analytical, problem-solving, and interpersonal skills.
- B.E in Computer Science/Information Technology or equivalent qualification with 8-12 years of experience.
- Industry-recognized certification in information security such as CISSP, CISM, CISA, etc.
If you encounter any suspicious mail, advertisements, or persons who offer jobs at Wipro, please email us at helpdesk.recruitment@wipro.com. Do not email your resume to this ID as it is not monitored for resumes and career applications.
Any complaints or concerns regarding unethical/unfair hiring practices should be directed to our Ombuds Group at ombuds.person@wipro.com.
We are an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, caste, creed, religion, gender, marital status, age, ethnic and national origin, gender identity, gender expression, sexual orientation, political orientation, disability status, protected veteran status, or any other characteristic protected by law.
Wipro is committed to creating an accessible, supportive, and inclusive workplace. Reasonable accommodation will be provided to all applicants including persons with disabilities, throughout the recruitment and selection process. Accommodations must be communicated in advance of the application, where possible, and will be reviewed on an individual basis. Wipro provides equal opportunities to all and values diversity.