2,526 IT Governance jobs in India
Manager - Information Security (Governance, Risk & Compliance)
Posted 3 days ago
Job Description
Role Summary:
Raise is built on this core philosophy - we will bring exceptionally great products, awesome user experience and best in class customer service to our users. We have started with our first step by launching an Investment & Trading platform – Dhan, in November 2021.
As an IT Governance & Compliance Manager, you will be responsible for driving the strategy, implementation, and oversight of IT & Information Security (IS) governance frameworks across the organization. You will lead the design and enforcement of policies, controls, and compliance programs, while managing audits and regulatory engagements. In this role, you will collaborate with senior stakeholders, guide teams, and ensure that governance practices not only meet regulatory expectations but also strengthen the organization’s overall cyber resilience.
Expected Responsibilities:
- Define, implement, and maintain the organization’s IT & IS governance strategy, ensuring alignment with business objectives and regulatory requirements.
- Lead the review, approval, and lifecycle management of IT & IS policies, procedures, and Standard Operating Processes (SOPs).
- Oversee the implementation and monitoring of IT & IS controls through the GRC (Governance, Risk, and Compliance) solution dashboard, ensuring timely reporting and issue closure.
- Direct periodic user access reviews for privileged accounts, VPN access, and critical systems; validate evidence uploads and ensure audit-readiness.
- Lead internal self-assessments against CCI, SOC efficacy parameters, and SEBI CSCRF guidelines; prepare management reports and drive remediation of findings.
- Manage end-to-end coordination with internal stakeholders and external auditors for Cyber Audits, System & Network Audits, ISO 27001 certification, and Exchange inspections.
- Ensure timely execution of regulatory-mandated drills, exercises, and simulations to validate organizational readiness.
- Represent the IT & IS function in governance forums, including Steering Committees, IT Committees, and Board meetings; prepare regulatory submissions, ATRs, and MOMs.
- Provide leadership and guidance to team members, fostering a culture of compliance, accountability, and continuous improvement.
- Stay abreast of emerging regulatory changes, industry trends, and best practices to proactively strengthen the governance and compliance posture.
Expected Skills:
- Proven experience in IT Governance, Risk, and Compliance (GRC) management, Information Security, or related leadership roles.
- Strong understanding of IT & IS regulatory frameworks (SEBI, CCI, SOC, ISO 27001) and audit methodologies.
- Hands-on expertise with GRC platforms and compliance dashboards.
- Demonstrated ability to manage large-scale audits and regulatory inspections with senior stakeholders.
- Excellent leadership, team management, and stakeholder engagement skills.
- Strong analytical, reporting, and problem-solving skills with a detail-oriented mindset.
- Exceptional communication skills to represent the function with regulators, auditors, and senior leadership.
- Professional certifications such as CISA, CISM, CRISC, ISO 27001 Lead Auditor/Implementer.
- Exposure to Cloud Security, Data Privacy frameworks, or Cybersecurity Risk Management.
- Prior experience in BFSI, fintech, or other regulated industries.
Location: Goregaon West, Mumbai (Preference will be given to candidates residing in Mumbai’s Western suburbs).
If you believe in making great first impressions and enjoy being at the center of workplace energy, we’d love to hear from you. Send your resume to:
Why Join Raise?
We’re a certified Great Place to Work, and it shows in everything we do - from how we collaborate to how we celebrate wins. Our culture is built on growth, ownership, and mutual respect. At Raise, you’ll find a flat hierarchy, open conversations, and a team that values passion, humility, and speed over titles and bureaucracy.
Our Values & Culture
We look for people who:
- Are obsessed with customer satisfaction.
- Respect their work, teammates, and users.
- Value speed, humility, and thoughtful action.
- Prefer quality over quantity.
- Are hands-on regardless of role or title.
- Embrace ownership, discipline, and an entrepreneurial spirit.
- Believe in less talk, more execution.
- Are passionate about the work they do.
Raise is an equal opportunity employer. We celebrate diversity and are committed to building an inclusive workplace.
About Raise Financial Services
We are building technology led financial products and infrastructure for India’s top 25Mn+ financially aware and literate users. Our product lines span investments, financing, insurance, payments, and wealth services. We will offer consumer products & services that cater to these users, and will offer the same technology & infrastructure to partners in the startup ecosystem willing to take the experience to everyone in India. Our focus is on 3 core aspects - build great products, deliver awesome experiences and provide exceptional customer services to our users.
Explore more:
- Company Website:
- Investment Platform:
Governance & Risk Lead
Posted today
Job Description
ZS is a place where passion changes lives. As a management consulting and technology firm focused on improving life and how we live it, our most valuable asset is our people. Here you’ll work side-by-side with a powerful collective of thinkers and experts shaping life-changing solutions for patients, caregivers and consumers, worldwide. ZSers drive impact by bringing a client first mentality to each and every engagement. We partner collaboratively with our clients to develop custom solutions and technology products that create value and deliver company results across critical areas of their business. Bring your curiosity for learning; bold ideas; courage and passion to drive life-changing impact to ZS.
Our most valuable asset is our people.
At ZS we honor the visible and invisible elements of our identities, personal experiences and belief systems—the ones that comprise us as individuals, shape who we are and make us unique. We believe your personal interests, identities, and desire to learn are part of your success here. about our diversity, equity, and inclusion efforts and the networks ZS supports to assist our ZSers in cultivating community spaces, obtaining the resources they need to thrive, and sharing the messages they are passionate about.
As a Risk management specialist at ZS Associates, you'll be responsible for identifying and mitigating compliance and operational risks in line with the firm's standards. You'll also provide subject matter expertise and technical guidance to technology-aligned process owners, ensuring that implemented controls are operating effectively and in compliance with regulatory, legal, and industry best practices. By partnering with various stakeholders, including Product Owners and Business function Managers, you will contribute to the reporting of a comprehensive view of technology risk posture and its impact on the business. Your advanced knowledge of risk management principles, practices, and theories will enable you to drive innovative solutions and effectively manage a diverse team in a dynamic and evolving risk landscape.
What you'll do:
What you'll bring:
- COBIT – Control Objectives for Information and Related Technology
- ISO/IEC 27001:2013 – Code of Practice for Information Security Management
- NIST SP 800-53
- NIST CSF
- SOC1/SOC2/SOC3
- HIPAA/HITECH Security and Privacy Audit Protocol
- Shared Assessments Standard Information Gathering (SIG) framework
- US SOX – Sarbanes Oxley Act
- US HIPAA/HITECH Act
- EU GDPR – General Data Protection Regulation
- US EU Privacy Shield
- India Companies Act
Additional Skills:
Director- Governance & Risk
Posted today
Job Description
Responsibilities
- Business Continuity Planning (BCP) Development:
- Create, document, and update business continuity plans (BCPs) for all business functions across MetLife GCC.
- Work closely with department leaders to align BCPs with business objectives, regulatory requirements, and best practices.
- Risk Assessment and Business Impact Analysis (BIA):
- Conduct regular risk assessments and business impact analyses to identify potential threats and vulnerabilities to MetLife operations.
- Evaluate the financial, operational, and reputational impact of potential disruptions.
- Incident Response and Crisis Management:
- Serve as a key stakeholder in the development of incident response plans, ensuring that all critical functions are prepared for swift recovery.
- Lead crisis management exercises and tabletop simulations to train staff and assess our readiness.
- Regulatory Compliance and Audit Support:
- Ensure compliance with industry regulations and standards, including ISO 22301, SOC 2, DORA and GDPR.
- Support internal and external audits by maintaining accurate documentation and reporting on BCP initiatives.
- Continuous Improvement and Innovation:
- Stay current on trends and emerging technologies in business continuity and disaster recovery.
- Continuously refine and enhance MetLife BCP strategy based on lessons learned from testing, real incidents, and industry developments.
- Disaster Recovery (DR) Strategy and Execution:
- If need be, design, implement, and maintain disaster recovery strategies for our IT infrastructure and cloud-based services (e.g., AWS, Azure).
- Coordinate disaster recovery drills, testing scenarios, and post-mortem reviews to ensure effectiveness and readiness.
Skills Required
Business Impact Analysis, Business Continuity Planning
Director - Governance & Risk
Posted today
Job Description
- Lead the development and implementation of corporate governance policies and frameworks.
- Ensure compliance with regulatory requirements, corporate bylaws, and board governance best practices.
- Provide governance support to the board of directors, audit, and risk committees.
- Monitor and report on the effectiveness of governance structures, internal controls, and decision-making processes.
- Develop and maintain an enterprise risk management (ERM) framework and risk appetite statement.
- Identify, assess, monitor, and report key operational, financial, legal, and reputational risks.
- Lead risk assessment activities across departments and business units.
- Oversee mitigation strategies, incident response planning, and business continuity initiatives.
- Ensure ongoing compliance with regulatory and legal obligations (e.g., SOX, GDPR, ISO, industry-specific standards).
- Manage risk and compliance audits, both internal and external.
Skills Required
Audit
Governance Risk Compliance
Posted today
Job Description
POSITION : GRC - Governance Risk Compliance
LOCATION : MUMBAI
EXPERIENCE : MIN 1 YEARS
CERTIFICATION COURSE ON ISO 27001
SALARY : DEPENDS ON EXPERIENCE
**Job Types**: Full-time, Permanent
**Salary**: ₹499,279.11 - ₹1,400,000.00 per year
Schedule:
- Rotational shift
Application Question(s):
- CTC ?
- ECTC ?
- NOTICE PERIOD ?
**Experience**:
- GRC: 1 year (required)
License/Certification:
- ISO 27001 (required)
Work Location: In person
Information Security Governance Analyst
Posted 3 days ago
Job Description
Experience :- 3-5 Years
Skills :- GRC, Governance Risk and Compliance, Information Security Governance, ISO 27001, PCI-DSS, NIST, TISAX, GRC platforms and tools
Shift Timings :- 6.30 pm - 3.30 am
About Omnicom Global Solutions
Omnicom Global Solutions is an integral part of Omnicom Group, a leading global marketing and corporate communications company. Omnicom’s branded networks and numerous specialty firms provide advertising, strategic media planning and buying, digital and interactive marketing, direct and promotional marketing, public relations, and other specialty communications services to over 5,000 clients in more than 70 countries.
OGS India plays a critical role for our group companies and global agencies by providing stellar products, solutions, and services across Creative Services, Technology, Marketing Science (Data & Analytics), Advanced Analytics, Market Research, Business Support Services, Media Services, and Project Management.
With over 4000 talented colleagues in India, we are growing rapidly and are looking for professionals like you to help build the next chapter of our journey.
Let’s build this together!
Role Overview
We have an exciting opportunity for an Analyst, Information Security Governance at our Hyderabad office. This role is part of the Governance, Risk, and Compliance (GRC) team and plays a vital role in driving effective and efficient security governance practices across Omnicom’s global operations.
The Information Security Governance Specialist will support security risk management, standards alignment, and audit coordination activities in line with ISO 27001, PCI, NIST, TISAX, and other regulatory frameworks. This role ensures that Omnicom maintains a strong compliance posture while executing proactive risk and governance processes.
Key Responsibilities
- Operate day-to-day Information Security Governance, Risk, and Compliance (GRC) activities across the organization.
- Support alignment and implementation of security standards including ISO 27001, PCI, NIST, and TISAX.
- Assist in the execution of Information Security Risk Management policies and procedures.
- Collaborate on internal and external audit activities and track remediation efforts to closure.
- Support documentation, reporting, and evidence gathering for compliance and regulatory assessments.
- Contribute to the continuous improvement of governance processes, control effectiveness, and risk posture.
- Coordinate with business units and IT teams to ensure governance standards are understood and adhered to.
Required Qualifications
- 3–5 years of experience in information security governance, risk, compliance, or audit.
- Working knowledge of ISO 27001, PCI-DSS, NIST, TISAX, or other major regulatory frameworks.
- Experience with policy implementation, risk assessment methodologies, and audit coordination.
- Ability to evaluate and articulate compliance requirements to technical and non-technical teams.
- Strong documentation, analytical, and reporting skills with attention to detail.
- Excellent interpersonal and communication skills to work cross-functionally.
Preferred Qualifications
- Certifications such as ISO 27001 Lead Implementer/Auditor, CISA, or similar.
- Experience with GRC platforms and tools.
- Exposure to vendor risk management and compliance monitoring.
Information Technology Governance Manager
Posted 4 days ago
Job Description
JOB PURPOSE
The Governance Lead will drive the end-to-end ICT governance function to ensure that the organization’s information and communication technology (ICT) operations are well-governed, compliant, and optimized for performance. This senior role is responsible for overseeing vendor governance, including sourcing and contracting oversight, contractual compliance (Deliverables & Obligations), Service Level Agreement (SLA) management, enterprise risk management for ICT, and vendor relationship management.
PRINCIPAL ACCOUNTABILITIES
Sourcing & Contract Governance for ICT Operations, Solutions Engagement, Transformation Projects, Innovation and Airport Expansion Initiatives
- Ensure robust governance of all ICT sourcing and procurement activities. The Governance Lead will work jointly with the Procurement and Legal teams to establish and review ICT vendor contracts, making sure that terms, conditions, and service expectations are clearly defined and in line with organizational policies. This includes overseeing contracts for Solution Engagement (SE) projects, ICT projects, and major “PAL2” strategic initiatives, ensuring these contracts support the projects’ objectives and comply with internal standards.
- Policy Compliance in Procurement: Develop and enforce governance guidelines for ICT sourcing. Ensure that all RFPs, vendor evaluations, and contract awards follow the company’s procurement policies, ICT templates/standards and ethical standards for transparency and fairness.
- Contract Establishment and Approval: Coordinate contract drafting and negotiations in collaboration with Legal, making sure that deliverables, service levels, and compliance requirements are contractually documented. All ICT purchase requisitions and contracts should go through proper approval workflows as per the authority matrix.
- Vendor Selection Oversight: Participate in or oversee key vendor selection committees for significant ICT deals to provide a governance perspective, validating that due diligence is performed, risks are assessed, and the best-value vendors are chosen in alignment with strategic goals.
Deliverables & Obligations (D&O) Compliance for ICT Vendors
- Maintain strict compliance tracking of all vendor deliverables and obligations as per contracts. In this role, the Governance Lead ensures that each ICT vendor fulfills the commitments stipulated in their contracts.
- D&O Tracker Management: Implement and maintain a D&O tracking system for all ICT vendor contracts. This tracker lists every deliverable (e.g. monthly service reports, audit findings, project milestones, compliance certificates) and obligation (e.g. data backups, staffing levels, training sessions) that vendors owe, along with due dates. The Governance Lead reviews this tracker on a regular basis and updates the status of each item.
- Review and Verification: For each deliverable submitted by a vendor, coordinate with the relevant ICT operational teams to review the content and quality.
- Enforcement of Obligations: If vendors miss deadlines or fail to meet an obligation, the Governance Lead initiates escalation. This can include issuing formal notices of non-compliance through Governance notes, requiring the vendor to provide explanations, and setting immediate corrective actions. Repeated misses without valid reasons are treated seriously – flagged as non-compliances in governance forums and can trigger penalty clauses or management escalation as per the contract.
- Reporting D&O Compliance: Prepare summaries of D&O compliance status for leadership review (e.g., in monthly CDIO governance meetings). Highlight areas where compliance is strong and call out any deliverable that is delayed or disputed.
SLA Governance of ICT Vendors
- Monitor and govern service performance through Service Level Agreements (SLAs). The Governance Lead is responsible for ensuring that all ICT vendors meet or exceed their agreed Service Level targets, which is critical for reliable airport operations.
- SLA Definition and Alignment: Collaborate with procurement and technical teams during contract negotiation to define clear, measurable SLA metrics for each service.
- Performance Monitoring: The Governance Lead will regularly review vendors’ SLA performance reports covering all key metrics.
- SLA Change Management: Oversee any adjustments to SLAs over time. The Governance Lead manages a structured process for SLA re-baselining when necessary, negotiating changes with vendors and documenting them via formal contract amendments or change requests.
- Reporting: Summarize SLA compliance across all vendors in management reports. Highlight any significant SLA breaches and the actions taken.
Risk Management for the ICT organization
- Lead the ICT risk management and compliance efforts. The Governance Lead will implement a comprehensive risk management framework to identify, assess, and mitigate risks across the entire ICT landscape (infrastructure, applications, data, vendors, and processes).
- Risk Identification & Register: Work with all ICT sub-departments (operations, security, projects, etc.) to continuously identify potential risks – including operational risks (e.g. system failures, capacity shortfalls), security risks (cyber threats, data breaches), compliance risks (regulatory or policy violations), and vendor-related risks (dependency on a single supplier, supplier financial stability, etc.).
- Risk Assessment & Mitigation Planning: Conduct periodic risk assessments (e.g. quarterly or during major changes) to evaluate the current risk levels.
- Compliance Oversight: Ensure that ICT processes and vendors comply with relevant regulatory and policy requirements. This includes compliance with data protection laws (for instance, India’s Digital Personal Data Protection Act) and industry standards or certifications the organization adheres to (such as ISO/IEC 27001 for Information Security, ISO 2000 for IT Service Management, or other aviation industry regulations).
- Reporting and Review: Provide regular risk updates to senior management (e.g., risk dashboards or presentations to the CDIO or risk committee). Clearly communicate the top ICT risks, status of mitigation actions, and any support needed. Also, organize management review meetings for the ICT governance/risk domain.
Relationship Management for all ICT Vendors
- Serve as the executive owner of vendor relationships. Beyond enforcing contracts and SLAs, the Governance Lead focuses on building and maintaining strategic partnerships with ICT suppliers.
- Governance Structure & Meetings: Establish a structured vendor governance cadence. Governance Meetings: Monthly governance meetings to review overall performance, SLA metrics, ongoing issues, and progress on initiatives.
- Executive Steering Committees (ESC): Quarterly or bi-annual high-level meetings with the vendor’s senior executives and the organization’s ICT leadership to discuss strategic alignment, major upcoming projects, innovation ideas, and any significant concerns. For key vendors, ensure that Executive Steering Committee meetings happen on schedule and address the right agenda.
- Performance and Relationship Monitoring: Develop a vendor scorecard or dashboard for each major vendor that tracks not only SLA performance and D&O compliance, but also qualitative aspects like responsiveness, proactiveness, and quality of collaboration. Use these scorecards in governance meetings to provide a transparent view of how the vendor is doing. Additionally, solicit feedback from internal teams that interact with the vendor (e.g. project managers, engineers) to identify any pain points or areas of excellence. This holistic view feeds into a “relationship health” assessment discussed with the vendor.
- Vendor Development and Alternate Sourcing: Work on long-term strategies such as developing secondary vendors for critical services (to mitigate risk of single-supplier dependency) or helping improve a smaller vendor’s capabilities if they are important to the business.
- Executive Reporting on Vendor Ecosystem: Summarize the status of vendor relationships to executive leadership.
DIMENSIONS
Financial
- Ensure value delivery in all outsourced services and/or product contracts. Arrest any value leakage in the contract.
Non-Financial
- Manage a team of 1-2 FTEs with day-to-day task allocation, review, and guidance on in-scope functions.
- Assess the skills, capabilities, and expectations of the team from time to time, and work with BIAL ICT & HR leadership to periodically define and refine the career path for the team, along with identifying the team's training and mentoring needs.
- Provide inputs on team capacity planning and hiring plans, if any.
JOB SPECIFICATION
- In-depth understanding of IT governance frameworks and best practices.
- Familiarity with standards like COBIT and ITIL/ISO 2000
- Strong knowledge of contract management principles, procurement processes, and legal basics of IT contracts (liabilities, indemnities, penalties, etc. in vendor agreements).
- Solid grasp of risk management techniques and compliance requirements relevant to ICT – including cybersecurity standards (ISO 27001) and data protection regulations.
- Analytical and Problem-Solving: Exceptional analytical skills to interpret performance data, contract details, and risk assessments.
- Leadership and Influence: Demonstrated ability to lead cross-functional teams and influence without direct authority.
- Communication: Excellent communication and interpersonal skills. Must be adept at stakeholder management – able to communicate effectively with C-level executives as well as technical project managers.
Qualifications
- Bachelor’s degree in CS, IS, Engineering
- MBA or a relevant master’s degree is highly valued
- 12-15 years of experience in the IT/ICT sector, with 5-7 years in leadership roles focusing on IT governance, vendor management & program management
- 5 days WFO