Job Views: 128
Applications: 23
Recruiter Actions: 0

Posted in

IT & Systems

Job Code

1629300

Mashreq - Senior Manager - Information Security - Risk Management - GRC

Posted 1 month ago

Description:

Key Responsibilities:

Information Security Risk Management:

- Develop, implement, and maintain the Information Security Risk Management Framework, ensuring alignment with the bank's enterprise risk management (ERM) strategy.

- Identify, assess, and monitor information security and cyber risks across the bank's business units, technology platforms, and third-party relationships.

- Define risk appetite, tolerance levels, and key risk indicators (KRIs) in collaboration with senior stakeholders.

- Ensure consistent application of risk assessment methodologies (qualitative and quantitative) across the organization.

- Conduct regular risk reviews and control effectiveness assessments for critical systems and processes.

- Collaborate with IT, Operations, and Business functions to embed security risk management into strategic initiatives, projects, and daily operations.

Risk Reporting & Governance:

- Develop and maintain a centralized reporting framework for security risks, control effectiveness, and risk mitigation progress.

- Generate timely and accurate reports, dashboards, and executive summaries for senior management, risk committees, and the Board.

- Provide clear insights on key security risks, emerging threats, and trends to support strategic decision-making.

- Track and monitor remediation of identified risks and ensure closure of risk mitigation actions within defined timelines.

- Define and maintain documentation and evidence supporting compliance with internal policies and regulatory requirements.

GRC Automation & Process Enablement:

- Design and implement automation initiatives to streamline risk management, monitoring, and reporting processes.

- Lead the deployment, configuration, and optimization of GRC tools (e.g., Archer, ServiceNow GRC, MetricStream, or similar) to enhance operational efficiency and risk visibility.

- Integrate GRC tools with other enterprise systems for seamless data flow, real-time updates, and automated reporting.

- Develop and maintain automated workflows, dashboards, and analytics for improved risk management insights.

- Drive continuous improvement by leveraging data analytics and automation for proactive risk detection and predictive risk management.

Policy, Standards, and Compliance Alignment:

- Ensure information security risk management processes comply with internal policies, regulatory mandates, and industry frameworks such as NIST, ISO 27001, COBIT, and FFIEC.

- Support audits, regulatory reviews, and assurance exercises by providing necessary documentation and evidence.

- Collaborate with compliance and audit teams to address findings and ensure closure of gaps.

Leadership & Stakeholder Engagement:

- Provide subject matter expertise and guidance to business units on information security risk management practices.

- Act as a key liaison between ISG, Enterprise Risk, Compliance, and Business units.

- Mentor and develop junior GRC team members to enhance analytical, technical, and reporting capabilities.

- Support the Head of IS GRC in strategic initiatives, governance reviews, and regulatory interactions.

Qualifications, Skills, and Experience:

- Bachelor's or Master's degree in Information Security, Computer Science, Risk Management, or a related field.

- Minimum 8-10 years of experience in Information Security Risk Management, GRC, or Cybersecurity Governance within the banking or financial services industry.

- In-depth knowledge of information security frameworks and standards (NIST, ISO 27001, COBIT, CIS).

- Proven experience implementing or managing GRC platforms (RSA Archer, ServiceNow GRC, MetricStream, or similar).

- Strong understanding of risk quantification methodologies, cyber risk assessment, and metrics-based reporting.

- Experience with data analytics tools and automation (e.g., Power BI, Tableau, or Python-based reporting) is an advantage.

- Familiarity with regulatory requirements such as UAE Central Bank, NESA, GDPR, PCI DSS.

- Relevant certifications such as CISM, CRISC, CISSP, CGEIT, or ISO 27001 Lead Implementer are highly desirable.

- Excellent communication, analytical, and presentation skills with the ability to influence senior stakeholders.

- Strong leadership and project management capabilities.
