Job Title: GRC/IRM Tech Lead

Experience: 7-10 years

Location: Pune, India (Remote-hybrid as per project need)

Job Overview :
Lead delivery of ServiceNow IRM/GRC including Policy & Compliance, Risk, Issues, Third-Party Risk, and Audit, ensuring alignment to regulatory frameworks and enterprise controls.

Key Responsibilities

  • Own IRM solution design: profiles, risk statements, controls, indicators (KRI/KCI), assessments, workflows
  • Implement attestations, control testing, issues/exception handling, risk scoring models
  • Configure integrations for evidence collection and continuous monitoring via IntegrationHub/MID
  • Define access controls and data segregation by BU/geo
  • Build dashboards for CRO/CISO: control efficacy, residual risk, audit findings
  • Manage team delivery: stories, reviews, performance, release readiness

Must-Have Qualifications

  • 5+ IRM hands-on projects as Lead
  • Strong IRM data model, policy lifecycle, qualitative/quantitative risk methodologies
  • Flow Designer, client/server scripting, ACLs, ATF; Performance Analytics for IRM KPIs
  • Experience with ISO 27001, NIST 800-53, SOX, PCI-DSS mappings

Preferred Qualifications

  • Integration with GRC content providers or control libraries
  • Third‑Party Risk implementation
  • Audit Management and continuous controls monitoring

Certifications (Mandatory)

  • Mandatory: CSA
  • Mandatory: CIS – Risk & Compliance (IRM/GRC)

Soft Skills

  • Stakeholder alignment with Risk, Compliance, Audit
  • Strong documentation and presentation skills

Interview Rubric (Weighting)

  • IRM Design & Data Model (35%)
  • Risk & Controls Methodology (25%)
  • Integrations & Automation (15%)
  • Dashboards & PA (10%)
  • Delivery Leadership (15%)

Suggested Screening Questions

  1. Design residual risk calculation combining inherent risk, control strength, and issue impact
  2. Build an assessment flow with conditional sections and evidence attachments
  3. Model exceptions and waivers with expiry, review, and compensating controls

Posting Snapshot

  • Exp: 7–10 yrs | Certs: CSA + CIS‑IRM
  • Responsibilities: IRM solution leadership, risk/control models, assessments, dashboards, integrations
  • Skills: Policy & Compliance, Risk scoring, Issues/Exceptions, PA, ACLs, Flow Designer

Apply for this position