Domain Specialist - RegTech - Audit, GRC, TPRM, Sustainability

Role: Domain Specialist - IT Audit and GRC

Location: Mumbai (Full-time, Work from Office)

Company Description

WhyMinds Global is a deep tech startup focused on developing AI-led technology products and consulting solutions for various industries including Banking and Financial Services, E-commerce, Digital Media, Regulatory Compliance, Sustainability etc.

Job Summary

We are seeking a highly skilled Domain SME in the field of IT Audit and GRC with a deep understanding of Third-Party Risk Management (TPRM) to join our dynamic product team building an AI-led RegTech platform. The ideal candidate will have 4 to 8 years of relevant experience in regulated Banking and Financial Services environments, demonstrating expertise in audit practices, compliance frameworks, risk assessments, and vendor management compliances. This role demands an individual who is adept at managing complex processes, building control maps, and ensuring adherence to global standards such as TPRM, ESG, ISO 27001, and GDPR.

Key Responsibilities

• Knowledge of Audit and Compliance Management:
• Possess solid expertise of IT audits including internal, external, and regulatory audits.
• Prior experience in Planning, executing, and documenting onsite inspections and audit submissions.
• Eye for detail in assessing, analyzing, and reporting on IT controls, processes, and evidence gathering.
• Risk Assessment & Management:
• Ability to distill the criteria to identify, evaluate, and quantify IT risks through qualitative and quantitative methods.
• Prior experience of defining or executing materiality assessments and risk identification across various IT domains.
• Prior experience of developing and maintaining risk registers, ensuring timely remediation of identified observations.
• Third-Party Risk Management (TPRM):
• Should have led or have sound understanding of TPRM initiatives, including vendor onboarding, ongoing monitoring, and risk assessments.
• Ensure robust outsourcing risk management and compliance processes are in place.
• Collaborate with vendor management teams to assess controls, perform due diligence, and manage third-party risks.
• Governance, Risk, and Compliance (GRC):
• Maintain up-to-date control maps and ensure alignment with regulatory frameworks.
• Oversee compliance with frameworks and standards such as TPRM, ESG, ISO 27001, GDPR, and others.
• Develop, implement, and review comprehensive checklists for compliance and control assurance.
• Process and Control Optimization:
• Map and monitor critical IT processes including change management, incident management, asset management, user access management, and access control matrix.
• Recommend and implement process improvements to enhance control environments and mitigate risks.
• Documentation and Communication:
• Understanding of Audit reporting, documentation, and management presentations.
• Create and maintain comprehensive process documentation checklists.
• Ability to define a criteria in discovering findings and recommendations effectively with both technical and non-technical stakeholders.

Required Qualifications and Experience

• Experience: Minimum 4+ years in IT audit, risk management, or GRC roles within regulated Banking and Financial Services institutions.
• Educational Background: Bachelors degree in information technology, Computer Science, Finance, or a related discipline. Professional certifications (e.g., CISA, CRISC, CISM) are a plus.
• Regulatory Exposure: Proven experience working in regulated environments with a strong understanding of audit requirements and compliance frameworks.

Skills and Competencies

• Technical Proficiency:
• In-depth knowledge of IT processes, tools, systems, and controls.
• Strong grasp of risk assessment methodologies (qualitative and quantitative) and materiality assessments.
• Experience with vendor management, outsourcing risk management, and IT compliance frameworks.
• Compliance & Framework Knowledge:
• Clear understanding of TPRM, ESG, ISO 27001, GDPR, and related compliance standards.
• Ability to build and maintain control maps aligned with key processes such as change management and incident management.
• Analytical and Communication Skills:
• Excellent analytical skills with the ability to assess complex data and control environments.
• Strong documentation skills with a keen attention to detail.
• Effective communication and presentation abilities, capable of translating technical findings into actionable business insights.
• Organizational Competence:
• Ability to manage multiple projects and priorities simultaneously.
• Proactive and self-driven with a collaborative approach to problem solving.

What We Offer

• An opportunity to work with an AI-first product startup in a dynamic and challenging environment.
• Exposure to advanced GRC and audit practices within the Banking and Financial Services sector in a global setting.
• A supportive work environment fostering continuous learning and professional growth.

If you are a motivated IT Audit and GRC Specialist with a passion for ensuring robust compliance and risk management, we invite you to apply and join our team in Mumbai.