Governance Manager

Job Responsibilities:To lead the design, implementation, and enterprise-wide adoption of a Digital Governance, Risk, and Compliance (GRC) Framework integrating Operational Risk, Information Security, Cyber Risk, and Compliance functions — ensuring adherence to RBI guidelines, Basel III ORM principles, and Kotak’s internal risk governance standards.The individual’s work scope broadly includes:Key Responsibilities:A. Digital GRC Implementation & StrategyLead the end-to-end implementation of the Digital GRC platform (ServiceNow / Archer / MetricStream).Define and operationalize digital workflows for Risk Assessment, RCSA, Issue Management, and KRI/KPI monitoring.Develop a Digital GRC roadmap aligned with Kotak’s ORM, ISRM, and Compliance strategies.Drive integration of GRC with systems like Incident Management, Vendor Risk, Asset Inventory, and BCM tools.B. Risk & Control AutomationDigitize RCSA, Risk Register, and Control Libraries for all business units.Enable real-time monitoring of risks and controls via dashboards and analytics.Support automation of regulatory reporting (ORMC, ISRC and RBI submissions).Enhance control testing, control evidence collection, and workflow approvals in GRC platform.C. Governance & Stakeholder ManagementPartner with senior leadership across ORM, ISRM, Compliance, and Internal Audit.Lead governance forums for GRC implementation tracking, performance, and adoption.Act as liaison between Risk Function, Technology, and Vendor Partners for delivery governance.Prepare management dashboards, KPIs, and MIS for GRC performance metrics.Location: BangaloreExperience: 8 to 12 YearsQualification: B.TECH/BE/ME/M.TECH/MCAThe recruit will be responsible for **:Enterprise-wide rollout of Digital GRC platform covering ORM, ISRM, and Vendor domains.RCSA automation for all business and IT verticals.RBI CSITE and ORM audit compliance readiness through digital reporting.Management dashboards and KRI-based analytics for proactive risk oversight.Integration with Incident, Audit, and Vendor Risk modules.Expected experience:At least 8 year and not more than 12 years in a mid to large size organization within the banking and finance industry in InfoSec / Compliance / Audit / Governance role.Certifications preferred: CRISC, CISA, ISO 27001 LA, CGEIT, PMP, or GRC Professional.Experience in a top-tier bank, consulting, or financial services GRC transformation program.Key Interfaces:Operational Risk Management (ORM)Information SecurityInternal AuditIT & Digital TransformationCompliance & Legal

Apply Now