GRC Manager Tech Security and Risk

    • Bangalore, India

Site Name: India - Karnataka - Bengaluru
Posted Date: Mar 3 2020
Key Responsibilities:

The GRC Manager role is responsible for providing support for IT activities, ensuring that risks & controls are identified, prioritized, effectively managed, and monitored. This role ensures all required internal and external compliance requirements are met and delivers a reduction in the overall risk profile for GSK stakeholders.
This role does not have direct reports, although it may include multiple matrix relationships within GRC, Tech Strategy and Risk, other business and support functions, and external suppliers

  • Change Management
  • Risk Management
  • Quality and Compliance reviews for Tech and digital projects, services and suppliers
  • Audit support
  • Support for development and implementation if Tech / digital controls

Knowledge/ Education / Previous Experience Required
Basic qualifications:
  • Experience in an IT delivery/support function and/or risk management/compliance function
  • Ability to manage multiple priorities/projects simultaneously, including the ability to manage relationships with internal and external stakeholders and resolve challenging issues
  • Ability to make pragmatic decisions based upon an assessment of likely risks
  • Independent thinker and self starter with capabilities in problem solving and innovation
  • Experience with analysing data and determining opportunities for process improvements
  • Excellent problem-solving skills with the ability to proactively identify issues and solutions

Preferred qualifications:
  • Graduate degree
  • Experience with risk management processes and best practices, and knowledge of risks inherent to IT and digital technologies (security, privacy, legal, etc.)
  • Management experience of cross-functional teams located globally
  • Experience of successfully managing assurance or operational activities within a Business Unit
  • Basic understanding of global data protection and privacy practices, laws/regulations
  • Professional certifications and continuing professional education eg CISA, CRISC certifications
  • Understanding of IT Management Systems and how a business unit deploys Tech development and project methodologies (e.g. agile methodologies, VFQ)
  • Experience in interpreting policies, procedures and processes for ensuring compliance with risk management programs
  • Knowledge of IT Support processes (e.g., ITIL)
  • Knowledge of Information security standards (e.g., ISO27001)
  • Knowledge of Robotics Process automation, chat bots and AI


Our goal is to be one of the world's most innovative, best performing and trusted healthcare companies. We believe that we all bring something unique to GSK and when we combine our knowledge, experiences and styles together, the impact is incredible. Come join our adventure at GSK where you will be inspired to do your best work for our patients and consumers. A place where you can be you, feel good and keep growing.

Important notice to Employment businesses/ Agencies
GSK does not accept referrals from employment businesses and/or employment agencies in respect of the vacancies posted on this site. All employment businesses/agencies are required to contact GSK's commercial and general procurement/human resources department to obtain prior written authorization before referring any candidates to GSK. The obtaining of prior written authorization is a condition precedent to any agreement (verbal or written) between the employment business/ agency and GSK. In the absence of such written authorization being obtained any actions undertaken by the employment business/agency shall be deemed to have been performed without the consent or contractual agreement of GSK. GSK shall therefore not be liable for any fees arising from such actions or any fees arising from any referrals by employment businesses/agencies in respect of the vacancies posted on this site.

It has come to our attention that the names of GlaxoSmithKline or GSK or our group companies are being used in connection with bogus job advertisements or through unsolicited emails asking candidates to make some payments for recruitment opportunities and interview. Please be advised that such advertisements and emails are not connected with the GlaxoSmithKline group in any way.

GlaxoSmithKline does not charge any fee whatsoever for recruitment process. Please do not make payments to any individuals / entities in connection with recruitment with any GlaxoSmithKilne (or GSK) group company at any worldwide location. Even if they claim that the money is refundable.
If you come across unsolicited email from email addresses not ending in or job advertisements which state that you should contact an email address that does not end in "", you should disregard the same and inform us by emailing, so that we can confirm to you if the job is genuine.

Back to top