IT Governance, Risk, and Compliance (GRC)

Hiring for: A Housing Finance Ltd is one of the largest low-income housing finance companies in India servicing the home financing needs of the low income sections of the society.

Role: IT Governance, Risk, and Compliance (GRC)

Positions: 1

Experience: 10 to 15 years

Location(s): Thane

Type: On-site / Permanent

Salary: Up to INR 18 LPA

Role Summary

Ensure effective execution of IT Governance, Risk, and Compliance (GRC) by embedding controls, managing IT risks, maintaining regulatory compliance, and supporting audits across IT operations, applications, and third-party environments.

Key Responsibilities

Governance

·      Operationalize the enterprise IT governance framework, policies, and standards

·      Embed governance and control requirements into IT processes

·      Track policy adherence, exceptions, approvals, and remediation

·      Support IT governance forums with reporting and analysis

Risk Management

·      Identify, assess, and document IT risks across systems, projects, and operations

·      Maintain the IT Risk Register with mitigation plans and ownership

·      Execute RCSAs and monitor KRIs, escalating emerging risks

·      Support BCP / DR risk governance and testing

Compliance & Controls

·      Execute and monitor IT General Controls (ITGCs) and regulatory requirements

·      Maintain control documentation, narratives, and evidence repositories

·      Perform control testing and track compliance gaps

·      Support compliance-by-design during system implementations

Audit & Third-Party Risk

·      Serve as single point of contact for IT audits and regulatory reviews

·      Coordinate audit walkthroughs, evidence submission, and CAP closure

·      Conduct IT vendor risk assessments and track vendor compliance

KEY OUTCOMES / KPIs

·      Establish GRC calendar and operationalize

·      Improved IT risk visibility and mitigation effectiveness

·      Consistent adherence to IT policies, controls, and standards

·      Sustained audit and regulatory readiness

Qualifications & Experience

• Bachelor’s degree in IT, Computer Science, or related field; Master’s preferred.

• 10  years of IT experience with 4+ years in IT GRC / IT Risk in NBFC or BFSI.

• Strong exposure to RBI regulatory inspections and cybersecurity compliance.

Preferred Certifications

• CISA, CISM, CRISC

• CISSP

• ISO 27001 Lead Implementer / Auditor

• NIST CSF / COBIT / ITIL

Behavioural Competencies

Collaboration, operational excellence, conflict resolution, people development.