Health Catalyst

GRC Manager / Offshore Team Lead

Hyderabad April 15, 2026 Full Time
  • We are seeking a GRC Manager to lead our offshore Governance, Risk & Compliance team in India. This team consists of Junior Analysts specializing in customer risk assessments, policy and procedure management, and automated evidence collection using the Anecdotes platform. The GRC Manager will provide local leadership, ensure team alignment with organizational goals, and track KPIs for performance. The ideal candidate will have a strong understanding of compliance frameworks (HITRUST, SOC 2, ISO 27001, NIST, RAMP), policy governance, and continuous monitoring processes.
Key Responsibilities
Team Leadership & Operations
  • Provide daily leadership, coaching, and oversight for the offshore GRC team.
  • Maintain close alignment with the U.S. based GRC Manager on priorities, deliverables, and escalations.
  • Serve as the local point of contact for workload planning, staffing needs, and performance management.
Hands-On GRC Execution
  • Actively participate in day to day GRC operations this is a hands-on leadership role .
  • Support and review customer security questionnaires and risk assessments.
  • Oversee policy and procedure lifecycle management, ensuring accuracy and timely updates.
  • Manage evidence collection and mapping across frameworks using Anecdotes or similar platforms.
Quality, Metrics & Continuous Improvement
  • Track, analyze, and report on KPIs such as turnaround time, accuracy, volume, and policy review cadence.
  • Identify inefficiencies and lead process-improvement initiatives.
  • Ensure alignment and compliance with HITRUST, SOC 2, ISO 27001, NIST, and RAMP framework requirements.
  • Assist with escalations involving complex customer requests or audit inquiries.
  • Maintain documentation for workflows, processes, KPIs, and team performance.
Qualifications Required
  • Bachelor s degree in Cybersecurity, Information Technology, or related field (or equivalent experience).
  • 5+ years of experience in GRC, compliance, or information security roles.
  • Strong working knowledge of HITRUST, SOC 2, ISO 27001, NIST, and X RAMP frameworks.
  • Demonstrated experience leading or mentoring teams.
  • Excellent written and verbal communication skills, including cross functional collaboration.
  • Ability to analyze KPIs and drive measurable improvements.
Preferred Certifications
  • CISM (Certified Information Security Manager)
  • CISSP (Certified Information Systems Security Professional)
  • CISA (Certified Information Systems Auditor)
  • CRISC (Certified in Risk and Information Systems Control)
  • HITRUST CCSFP (Certified CSF Practitioner)
  • ISO 27001 Lead Auditor or Lead Implementer
  • CGRC (Certified in Governance, Risk, and Compliance; formerly CAP)
  • CCSK or CCSP (Cloud security certifications bonus)
Preferred Skills
  • Experience with GRC automation platforms (Anecdotes or similar).
  • Experience working with external assessors or auditors.
  • Familiarity with policy management software and audit-reporting tools.
  • Understanding of cloud environments, co location hosting concepts, and SaaS security principles.
Apply on company site

How well do you match this role?

Check My Resume