Sprinto - Practice Lead - GRC Assurance
Upload My Resume
Drop here or click to browse · Tap to choose · PDF, DOCX, DOC, RTF, TXT
Requirements
• 8–10+ years in GRC/security consulting, audit/advisory, or building managed compliance programs. • Demonstrated experience building/scaling a services practice or delivery org (0→1 to repeatable). • Strong experience with enterprise customers and multi-stakeholder delivery. • ISO 27001, SOC 2, GDPR; strong risk assessment experience. • Privacy assessments (DPIA) hands-on. • Comfort with complex frameworks like FedRamp, HITRUST, NIST family and regional regulations • Proficiency in building AI-enabled workflows • Demonstrated ability to use AI tools (e.g., ChatGPT-style workflows) to reduce manual effort and standardize deliverables. • Ability to translate domain expertise into reusable templates and guided systems. • Strong judgment around accuracy, confidentiality, and review requirements. • Operator strengths • Ability to productize services (packages, deliverables, QA, SLAs). • Strong commercial ownership: pricing, margins, capacity planning. • Excellent written communication and workshop leadership. • Strong decision-making in ambiguity, without scope creep. • Prior leadership of multi-service GRC offerings (risk, privacy, internal audits, readiness). • Experience in auditing and implementing GRC frameworks • Certifications (good to have): ISO 27001 LA/LI, CISA, CISM, CISSP or PCI QSA. • Success metrics • Services revenue growth trajectory toward the long-term contribution target. • Delivery cycle time, rework rate, QA pass rate, customer satisfaction. • Utilisation and gross margin improvement via reuse and standardisation. • Attach rate (services + product), deal unblock impact, retention uplift. • ## How We Care For Our Sprinters : • Work wherever you are: We’re 100% remote, so you get to choose if you want to work from home, cafe, hills or beaches. • Co-working on the house: If co-working is your jam, we offer a generous annual allowance of up to INR 14,000* for social working. • We care about your learning: We are invested in seeing you grow, and commit USD 1000 annually to help you level up your skills. • We count your spark, not your leaves: We care about you not just as an employee, but as a person. So if you need a reset, make use of Unlimited leaves. • Your Safety Net, Woven in: We take care of the what-ifs. From health insurance with coverage up to INR 10 lakh for you and your family, to accident protection of an additional INR 10 lakh, and life insurance worth 3× your annual salary, our benefits wrap you and your family in protection so you can focus on thriving. • Workspace setup of your dreams: Work from anywhere, and if that’s home, we’ll chip in INR 35,000 to help you create a space that’s as effortless as your workflow. CX_POD
Responsibilities
• Build the function • Create delivery operating model: intake, scoping, SOWs, QA, SLAs, change control, and reporting. • Build reusable IP: templates, playbooks, mapping libraries, workshop agendas, and QA rubrics. • Hire and lead a team of specialists; build service-line pods over time. • Deliver and scale service lines (phased) • Phase 1: framework digitisation & control/check mapping inside Sprinto. • Phase 2: packaged services for risk assessment, privacy (DPIA), policy review, internal audits, and audit readiness support. • Phase 3: scale into security assurance programs and partner-led offerings (e.g., VAPT program management, vendor governance, QA, and customer outcomes). • Own commercial outcomes • Define service packaging and pricing models (fixed-fee tiers, retainer options where relevant). • Own utilization, margins, capacity planning, delivery forecasting, and predictable throughput. • Partner with Sales/SE/CS to attach services appropriately and improve enterprise deal conversion + retention. • AI-enabled service productisation • Create “AI-assisted playbooks” for repeatable services (DPIA, risk assessment, policy review, internal audit checklists). • Build structured input forms/checklists that juniors can fill out, enabling consistent output. • Define QA guardrails (mandatory source inputs, validation steps, human approval gates). • Maintain an internal library of prompts/templates and continuously improve them based on audit/customer feedback. • Ensure quality and manage risk • Establish acceptance criteria and review mechanisms for deliverables. • Define boundaries and disclaimers to avoid uncontrolled liability. • Build partner qualification standards and a QA framework for third-party-delivered services.
Similar Jobs
No credit card. Takes 10 seconds.