Job Opportunities

Governance, Risk and Compliance Lead

GRC & GDPR Lead (8–10 Years) — Job Description
Experienced compliance and privacy leader responsible for managing the full GRC program
and ensuring GDPR compliance across the organization. Leads risk assessments, policy
governance, privacy operations, audits, and regulatory readiness while advising leadership on
data protection risks and cross-border processing.
Core Responsibilities
• Lead end-to-end GRC framework: enterprise risks, control design, governance,
compliance reporting.
• Drive GDPR implementation: ROPA, DSAR, DPIA, consent, vendor DPAs, breach
response.
• Build and maintain compliance alignment with ISO 27001, ISO 27701, SOC2,
DPDP Act.
• Conduct internal audits, control testing, gap assessments, and remediation tracking.
• Embed privacy-by-design and security-by-design into projects and IT systems.
• Manage training and awareness on GRC, GDPR, and data protection practices.
• Partner with legal, IT, security, and global teams to ensure end-to-end compliance.
Skills & Certifications
• Strong expertise in GDPR, GRC frameworks, risk management, SOC2, and ISO
standards.
• Experience with GRC/Privacy tools (ServiceNow, Archer, OneTrust, Riskonnect).
• Excellent documentation, regulatory interpretation, and stakeholder management.
• Preferred: CIPP/E, CIPM, ISO 27001 LA, ISO 27701 LI, CRISC.