Delivery Manager- GRC

Job Purpose: The planning, execution, and governance of Governance, Risk, and Compliance (GRC) projects and programs across the organization or client accounts.Qualification: Bachelor’s or master’s degree in information security, Risk Management, Business Administration, or related field.Certifications: Preferred Certifications: - CISA, CRISC, CISSP, GRCP/GRCA, ISO 27001 Lead Auditor, or TOGAFExperience: 12–20 years of total experience, with at least 7–10 years in GRC implementation and leadershipRole Summary:

• The GRC Delivery Manager will be responsible for leading the planning, execution, and governance of Governance, Risk, and Compliance (GRC) projects and programs across the organization or client accounts.
• This role requires deep knowledge of GRC frameworks, tools (e.g., RSA Archer, CAMMS/Riskonnect, MetricStream), and delivery methodologies.
• The incumbent will ensure the delivery of high-quality solutions aligned with business objectives, regulatory requirements, and industry best practices.

Responsibilities:Strategic Leadership - Develop and lead the GRC delivery strategy aligned to enterprise risk management goals or client business objectives. - Serve as a thought leader and advisor on risk frameworks (ISO 31000, COSO, NIST RMF, NIST CSF, etc.). - Collaborate with business leaders, IT, audit, legal, and compliance teams to integrate GRC solutions.Program & Project Delivery - Lead the end-to-end delivery of GRC implementations and assessments, ensuring quality, timeliness, and client satisfaction. - Oversee the design and configuration of GRC platforms (RSA Archer, ServiceNow GRC, etc.). - Manage project budgets, timelines, staffing, and risk mitigation plans.People Management & Mentorship - Lead and mentor a team of GRC consultants, analysts, and project managers. - Build delivery capability through hiring, training, and performance management. - Foster a collaborative, high-performance culture within the GRC delivery team.Client & Stakeholder Engagement - Act as the senior delivery contact for strategic clients or business units. - Conduct stakeholder meetings, executive briefings, and governance reviews. - Drive account growth by identifying upsell and cross-sell opportunities.Compliance & Risk Framework Implementation - Ensure compliance with industry regulations (e.g., SOX, HIPAA, GDPR, ISO 27001). - Support the development of enterprise-wide risk and compliance dashboards. - Implement control libraries, policy mapping, and issue management workflows.Continuous Improvement - Establish and monitor GRC delivery KPIs and SLAs. - Lead post-project reviews and continuous improvement initiatives. - Stay up to date with regulatory changes, risk trends, and GRC platform innovations.Required Qualification:

• Bachelor’s or master’s degree in information security, Risk Management, Business Administration, or related field.
• 12–20 years of total experience, with at least 7–10 years in GRC implementation and leadership.
• Proven track record of delivering GRC solutions (Archer, CAMMS/Riskonnect, MetricStream, etc.) across sectors. –
• Expertise in ISO 27001, ISO 31000, COBIT, NIST, SOX, PCI-DSS, or similar frameworks. - Strong understanding of IT and Cybersecurity controls, audit processes, and compliance mandates. –
• Excellent communication, stakeholder management, and team leadership skills.
• Preferred Certifications: - CISA, CRISC, CISSP, GRCP/GRCA, ISO 27001 Lead Auditor, or TOGAF.
• Platform certifications (e.g., RSA Archer Admin, CAMMS/Riskonnect, ServiceNow GRC Implementation Specialist).

Work Environment & Travel:

• This role may require occasional travel to client sites or international offices.
• Onsite model depending on organizational setup and client needs.

Mandatory:

• Proven track record of delivering GRC solutions (Archer, CAMMS/Riskonnect, MetricStream, etc.) across sectors.
• Expertise in ISO 27001, ISO 31000, COBIT, NIST, SOX, PCI-DSS, or similar frameworks. - Strong understanding of IT and Cybersecurity controls, audit processes, and compliance mandates