GRC Lead

Ushur delivers the world’s first Customer Experience Automation platform built specifically for regulated industries. Purpose-built for delivering ideal self-service, Ushur infuses intelligence into digital experiences for the most delightful and impactful customer engagements. Equipped with guardrails and
compliance-ready infrastructure, Ushur powers vertical AI Agents for healthcare, financial services and insurance use cases.
Designed for rapid code-less deployment with flexible, advanced capabilities for IT and business teams, enterprises can transform customer and employee journeys at scale in the fastest time to value.

Title: GRC Lead

Experience: 8-10 Years

Location: Bangalore

Work Mode: Hybrid

About the Role
Ushur is looking for a motivated, passionate, GRC Lead. The GRC Lead will be working with the GRC Director to implement GRC initiatives and charter for Ushur. Implement processes to ensure that protection, compliance & certifications are maintained in the organization in an ongoing manner. Where necessary, the consultant should assist the GRC director to acquire new certifications & compliances, to initiate & support ongoing audits, to mention a few. You will collaborate across various teams and offer support & guidance to product management, customer success & support, system architects, engineering development and quality assurance teams.

Responsibilities

• Responsible for implementing the GRC charter in order to improve the overall security & compliance posture of the organization.
• Work with external security & related disciplines consultants and will be a part of developing the security mindset of our teams
• Support & nurture regulations such as CCPA, GDPR, HIPAA, HITRUST, etc.
• Support certification and compliance audit activities e.g., SOC2, HITRUST, ISO 27001 and PCI-DSS
• Contribute towards organization security, focusing on our product & our corporate security hygiene
• Establish policies, procedures, and guidelines.
• Subject matter expert when it comes to security & GRC practices
• Continuous alignment and improvement of the GRC processes with various stakeholders, leveraging existing GRC tools in place, finding out what more is required to support our business processes and keep working around overall security governance, risk management, and various audits all year around.

Qualifications

• At least 8-10 years of experience in IT with a minimum 3 years in security/ GRC
• Skills in Cloud Concepts, Cloud Security and SaaS Security
• Experience working in an AWS cloud environment is a must
• Experience in drafting policies, procedures, and reports
• Experience with Security Operations will be an advantage
• Must have performed compliance Tasks e.g., involved in assessments, risk management, audits, drafting policies, procedures, and reports
• Knowledge of organization accreditation/certifications e.g., SOC2/ ISO 27001/ PCI DSS etc.
• Knowledge of different types of frameworks, regulations, standards, and best practices e.g., NIST CSF, CSA, CIS, HITRUST etc.
• Prior experience using the GRC tool will be an advantage
• DevSecOps/ DevOps Skills
• Security Testing Knowledge e.g., SAST, DAST, VAPT etc.
• Vulnerability Management Skills
• Knowledge of Data Security and Privacy
• Knowledge of the Incident Response process
• Prior experience of involvement in control implementation will be an advantage
• Knowledge of DR, BCP, Malware campaign, advisory etc.
• Knowledge of EDR, MDR, DLP and any other endpoint protection tool
• Knowledge of any automation, standardization and templatization skills will be an advantage
• Knowledge of industry regulation on security and privacy e.g., GDPR, CCPA, DPDP etc.

Why Join Us?

• Thriving Company Culture: At Ushur, we foster a values-driven culture that prioritizes respect, inclusion, and collaboration. We empower every individual to thrive, contribute innovative ideas, and make a meaningful impact in a supportive and dynamic environment.
• Bring Your Whole Self to Work: We celebrate diversity and believe that innovative ideas thrive in an inclusive environment where every team member is valued. As a dynamic start-up, we recognize that every individual makes a significant impact.
• Rest and Recharge: We encourage work-life balance with 20 days of flexible paid time off annually. Your well-being matters, and we make space for it.
• Comprehensive Health Benefits: Your health is a priority. We provide preventive health check-ups, medical insurance coverage for employees and their dependents, wellness sessions, and expert-led health talks at the office.
• Invest in Your Future: We offer competitive compensation and stock options to give you a stake in Ushur’s success. You’ll grow with us while contributing meaningfully to our journey.
• Embrace Growth: Growth Mindset is one of our core values – we believe in lifelong learning. Employees are encouraged to explore certification courses and professional development, with reimbursement opportunities. You’ll also have access to the Ushur Community’s vast learning resources.
• Flexible Work Options: We recognize the need for flexibility. Depending on your role and location, we offer an in-office or hybrid work model that supports both collaboration and personal well-being.