Job Description:

We are seeking a dynamic and forward-thinking Cyber Security Governance lead with a focus on strategy and innovation to join our team at Reliance Industries. The ideal candidate should have a strong background in GRC with a passion for integrating innovative practices and ensuring smooth, efficient operations for large global organizations. The role provides unparalleled exposure to a range of businesses under one trusted umbrella. The governance lead is a key role in the cybersecurity team and works in close collaboration with the Risk Management and Privacy functions and hence should have exposure in Risk Management as well as Privacy frameworks and processes as well.

Key Responsibilities:

• Develop and implement a robust GRC framework that aligns with the organization’s strategic objectives, fostering a culture of innovation and continuous improvement.
• Establish & maintain governance frameworks, policies, standards, and procedures that ensure alignment with industry standards (NIST, ISO, COBIT etc.) & best practices.
• Lead the Governance committee meetings, ensure effective communication and decision-making across all governance activities.
• Maintain up-to-date knowledge of regulatory changes and trends, advising the organization on necessary adjustments to maintain compliance.
• Develop and implement a holistic cybersecurity training and awareness program that addresses the varying needs of the organization. Regularly update the program to reflect the latest cybersecurity threats, trends, and best practices.
• Establish metrics and KPIs to measure the effectiveness of the training program and continuously improve it based on feedback and assessment results.
• Design and deliver specialized cybersecurity training sessions tailored for senior management, IT administrators, business units, and developers that address their specific roles and responsibilities.
• Design and conduct regular phishing simulations to test and improve the organization's resilience to phishing attacks.
• Collaborate with internal and external stakeholders to plan and execute organization-wide cybersecurity awareness campaigns and events to foster a security risk culture.
• Identify, assess, and prioritize risks across the organization, incorporating innovative risk management strategies and tools.
• Develop and implement risk mitigation plans that are agile and adaptable to the evolving business landscape.
• Continuously monitor and review risk management processes, ensuring they remain effective and responsive to emerging threats and opportunities.
• Knowledge of industry leading privacy frameworks and Privacy-by-design and privacy by default principles.
• Understanding of Privacy Impact Assessments, Data Transfer Privacy Impact Assessments and Privacy Risk Reviews.
• Drive the integration of innovative technologies and seamless delivery practices into GRC processes, enhancing efficiency, accuracy, and effectiveness.
• Foster a culture of continuous improvement, encouraging the adoption of cutting-edge tools and methodologies to advance security practices.
• Collaborate with cross-functional teams to ensure security initiatives are integrated smoothly into business operations, minimizing disruption, and maximizing value.

Qualifications:

• Bachelor’s degree in Information security, Information Technology, Risk Management, or a related field; Master’s degree preferred.
• Over 10 years of experience in governance and risk management, with a demonstrated focus on innovation and seamless delivery.
• Professional certifications such as CISM, CRISC, CISSP or equivalent.
• Strong knowledge of GRC frameworks, industry standards, and regulatory requirements.
• Proven experience in integrating innovative practices and technologies into GRC processes.
• Excellent communication and leadership skills, with the ability to influence and collaborate effectively with stakeholders at all levels.
• Strong analytical and problem-solving abilities, with a proactive and strategic approach to managing governance, risk, and compliance challenges.