About the Role:

Grade Level (for internal use):

The Team:

Join our innovative organization as a GRC Leader with 12 years of progressive experiencegovernance risk and compliance. You will architect and lead a proactive automation-centric GRC program within a high-velocity AI-native environment. This role is not about compliance checkboxes driven by external audits; instead you will own the internal risk lifecycle end-to-endfrom anticipatory cyber security risk identification to automated remediationembedding security as a core business accelerator. You will build and lead a lean high-impact GRC team that operates with engineering rigor data-driven precision and cultural influence.

The Impact:

As the GRC Leader you will lead proactive risk identification quantification treatment and continuous monitoring across cloud environments (AWS/GCP/Azure) applications AI/ML models and data platforms. Your expertise will enhance our security posture by implementing real-time risk scoring engines automating evidence collection and managing Management Action Plans (MAPs). You will also cultivate a security culture and ensure alignment with internal standards while leading assurance reviews and third-party risk assessments.

Whats in it for you:

This role offers exceptional learning opportunities and engagement with senior management across the company. You will collaborate with key stakeholders on meaningful projects fostering daily professional growth. Your primary responsibilities will include leading the GRC team developing audit coverage for new and emerging technologies and leveraging cutting-edge digital capabilities including AI and data analytics to enhance GRC activities.

---

Primary Duties and Responsibilities:

• Lead the GRC team providing comprehensive risk-based coverage for cloud infrastructure applications AI/ML models and data platforms.
• Work with engineering team to design and implement real-time risk scoring engines using behavioral analytics and anomaly detection.
• Own Management Action Plans (MAPs) from creation to closure driving accountability through automated workflows.
• Transition from periodic reporting to continuous assurance with live dashboards and predictive risk signals.
• Work with Engineering team to Architect and operationaliseautomated evidence collection for 150 controls using tools like ServiceNow GRC Drata or OneTrust.
• Build self-healing remediation playbooks to enhance operational efficiency.
• Recruit mentor and lead a GRC team blending policy automation and data skills.
• Launch a self-service policy portal to enhance user experience and engagement.
• Lead internal security assurance reviews and manage the third-party risk lifecycle.
• Maintain living mappings of internal standards to SOC 2 ISO 27001 and NIST AI RMF.

Requirements:

• Bachelors degree in information technology Computer Science or a related field; Masters degree or relevant certifications (CISA CRISC CISSP or equivalent) preferred.
• Minimum of 12 years of experience in GRC risk management or security assurance with at least 5 years in a leadership role.
• Strong knowledge of cloud security (AWS/GCP/Azure) and AI/ML risk frameworks.
• Proven ability to lead audits and manage multiple projects simultaneously in a fast-paced environment.
• Experience with automation tools for GRC workflows (ServiceNow Drata OneTrust or equivalent).
• Outstanding verbal and written communication skills capable of presenting findings and recommendations to senior management and stakeholders.
• Strong leadership and team management skills with experience in mentoring and developing audit team members.
• Strong Data Security Governanceexperience

Whats In It For You

Our Purpose:

Progress is not a self-starter. It requires a catalyst to be set in motion. Information imagination people technologythe right combination can unlock possibility and change the world.

Our world is in transition and getting more complex by the day. We push past expected observations and seek out new levels of understanding so that we can help companies governments and individuals make an impact on tomorrow. At S&P Global we transform data into Essential Intelligence pinpointing risks and opening possibilities. We Accelerate Progress.

Our People:

Were more than 35000 strong worldwideso were able to understand nuances while having a broad perspective. Our team is driven by curiosity and a shared belief that Essential Intelligence can help build a more prosperous future for us all.

From finding new ways to measure sustainability to analyzing energy transition across the supply chain to building workflow solutions that make it easy to tap into insight and apply it. We are changing the way people see things and empowering them to make an impact on the world we live in. Were committed to a more equitable future and to helping our customers find new sustainable ways of doing business. Were constantly seeking new solutions that have progress in mind. Join us and help create the critical insights that truly make a difference.

Our Values:

Integrity Discovery Partnership

At S&P Global we focus on Powering Global Markets. Throughout our history the worlds leading organizations have relied on us for the Essential Intelligence they need to make confident decisions about the road ahead. We start with a foundation of integrity in all we do bring a spirit of discovery to our work and collaborate in close partnership with each other and our customers to achieve shared goals.

Benefits:

We take care of you so you cantake care of business. We care about our people. Thats why we provide everything youand your careerneed to thrive at S&P Global.

Our benefits include:

• Health & Wellness: Health care coverage designed for the mind and body.

• Flexible Downtime: Generous time off helps keep you energized for your time on.

• Continuous Learning: Access a wealth of resources to grow your career and learn valuable new skills.

• Invest in Your Future: Secure your financial future through competitive pay retirement planning a continuing education program with a company-matched student loan contribution and financial wellness programs.

• Family Friendly Perks: Its not just about you. S&P Global has perks for your partners and little ones too with some best-in class benefits for families.

• Beyond the Basics: From retail discounts to referral incentive awardssmall perks can make a big difference.

For more information on benefits by country visit: Hiring and Opportunity at S&P Global:

At S&P Global we are committed to fostering a connected andengaged workplace where all individuals have access to opportunities based on their skills experience and contributions. Our hiring practices emphasize fairness transparency and merit ensuring that we attract and retain top talent. By valuing different perspectives and promoting a culture of respect and collaboration we drive innovation and power global markets.

Recruitment Fraud Alert:

If you receive an email from a domain or any other regionally based domains it is a scam and should be reported to. S&P Global never requires any candidate to pay money for job applications interviews offer letters pre-employment training or for equipment/delivery of equipment. Stay informed and protect yourself from recruitment fraud by reviewing our guidelines fraudulent domains and how to report suspicious activityhere.

Required Experience:

Director