[Remote] Lead GRC Consultant
Note: This is a remote job open to candidates in the USA. Mphasis is a company that applies next-generation technology to help enterprises transform businesses globally. They are seeking a Lead GRC Consultant who will bridge the gap between IAM, Compliance, and Enterprise Change & Risk management, driving compliance across the IAM program and managing complex SOC audits.
Responsibilities
- Lead IAM Audits & Compliance Reviews: Be the go-to expert for internal and external IAM audits, ensuring everything is in line with SOC and security regulations
- Thought Leadership: Identify control & process gaps, risks, issues, and dependencies. Engage both Mphasis & Client stakeholders to address them. Provide recommendations for improvement and industry best practices. Drive implementation of the recommendations by engaging Business & IT stakeholders
- Ensure Proper Access Control: Oversee who gets access to what, ensuring that permissions are granted, reviewed, and revoked as per compliance standards
- Run Quality Control (QC) Checks: Perform regular QC reviews on IAM processes to catch and fix any compliance gaps before they become audit failures
- Investigate & Fix Audit Failures: Dig deep into audit findings, categorize issues (control gaps, process failures, or missing evidence), and work with teams to fix them
- Track Compliance Progress: Maintain reports and dashboards that show how well we’re doing in audits and where improvements are needed
- Create & Deliver Client Presentations: Build & present PowerPoint decks & dashboards that clearly present compliance updates, risk assessments, and remediation plans to both client & Mphasis leadership
- Ensure Proper Documentation & Audit Evidence: Make sure every IAM request, approval, and change is properly logged and easily accessible for audits
- Test & Validate IAM Controls: Regularly check whether current access management policies are working as intended, and perform Separation of Duties (SoD) checks
- Drive Remediation Efforts: Work closely with IAM and application teams to resolve compliance issues and ensure audit readiness
- Communicate with Stakeholders: Act as the key contact between IT, security, and audit teams, ensuring alignment of compliance goals
- Ensure Alignment with Regulations: Keep the IAM program compliant with frameworks like SOC and internal policies
Skills
- 10+ years of relevant experience
- Experience in managing large SOC 1 & SOC 2 audit & consulting programs
- Knowledge of manual & Identity and Access Management lifecycle in SailPoint and ForgeRock SSO
- Knowledge of navigating and gathering evidence from SNOW and other sources
- Ability to coordinate project activities across multiple internal stakeholders, providers and vendors
- Ability to coordinate and track the status of projects & programs with business users and senior leadership
- Ability to provide executive status briefings that reflect accurate project plans, timelines, and risks to Sr. Leadership & CXO
- Proficient with ServiceNow, JIRA, MS Excel, MS PowerPoint and MS Project for status reporting and maintaining dashboards
- First Level University degree
- Advanced University degree preferred
- Healthcare domain experience will be an added advantage