Senior Manager Governance, Risk Compliance (GRC)

📋 Description

• • Own the end-to-end design, rollout, and continuous evolution of Jiostar’s enterprise-wide Governance, Risk, and Compliance (GRC) program, ensuring it scales with a business that entertains 750 million viewers weekly and spans television networks, streaming platforms, and emerging digital products.
• • Translate complex regulatory obligations—India’s IT Act, DPDPA, GDPR, PCI DSS, ISO 27001, SOC 2—into pragmatic policies, standards, and playbooks that engineering, product, and content teams can actually follow without slowing innovation.
• • Lead quarterly enterprise risk assessments covering operational, cyber-security, data-privacy, and third-party risk domains; build heat-maps, quantify residual risk in financial terms, and present mitigation road-maps to the executive risk committee.
• • Run the internal and external audit calendar like clockwork: scope audits, gather evidence, host auditors, track findings through closure, and ensure zero repeat observations—turning audit fatigue into a competitive advantage.
• • Architect and automate control testing, evidence collection, and exception workflows using modern GRC platforms (ServiceNow, Archer, or similar) to shrink compliance cycles from weeks to hours and free your team for higher-value work.
• • Create and sustain a security-first culture across 5,000+ employees and hundreds of vendors; design role-based training, phishing simulations, and executive briefings that move the needle on behavior, not just box-checking.
• • Build and mentor a high-performing GRC team—recruit, coach, and retain analysts and engineers—while forging tight partnerships with Legal, IT, Product, and Content Ops to ensure risk decisions are made at the right altitude and speed.
• • Own the third-party risk lifecycle: screen new vendors, conduct on-site assessments for critical suppliers, negotiate security addendums, and monitor continuous compliance via automated attestations and KPI dashboards.
• • Deliver crisp, board-ready reporting—risk dashboards, compliance scorecards, and trend analytics—that enable the CEO, CFO, and Board Risk Committee to make data-driven decisions on investments, acquisitions, and market expansion.
• • Stay ahead of the regulatory curve: monitor proposed amendments to India’s DPDPA, EU AI Act, and U.S. state privacy laws; model business impact and lead tiger teams to implement changes before deadlines hit.
• • Champion ethical data use and privacy-by-design in every new feature—from AI-driven content recommendations to targeted advertising—ensuring Jiostar remains the trusted entertainment destination for hundreds of millions of families.