Senior GRC Manager
Job type: Full Time · Department: IT & InfoSec · Work type: On-Site
Bengaluru, Karnataka, India
ACKO is the protection destination for over 200 million tech-savvy families across India, protecting their families, assets and money. Launched in 2016, ACKO started by reimagining insurance, making it simple, hassle-free and customer-first. Today, our mission goes beyond that: we aim to touch the lives of 1 million users, building products that solve real-world problems with technology at the core.
We are not just another insurance company; our DNA is product-tech, and our approach is bold, innovative, and digital-first. From zero commission, zero paperwork, and instant renewals to same-day claims settlements and app-based tracking, ACKO is a Welcome Change from traditional insurers.
But what truly sets us apart? Our people. At ACKO, every Acker’s voice and ideas matter. We’re a vibrant, inclusive team of creators, thinkers, and doers, building products that redefine protection while ensuring each Acker grows, thrives and does meaningful work.
Join us at ACKO, where bold ideas, real impact and tech-driven innovation redefine protection and peace of mind - and where YOU can make a real difference in people's lives. ACKO is a product-tech company, launched in 2016, solving real-world problems for customers, starting with insurance. And as a customer-first organization serving the digitally-savvy, ACKO’s value proposition of ‘Welcome Change’ focuses on offerings that make insurance simple and hassle-free! With features such as zero commission, zero paperwork, instant renewal, same-day claim settlements, and app-based updates on claims, ACKO is a 'Welcome Change' from traditional insurers.
Having said that, we are not just another conventional insurance firm, or the people consulted solely for "claims"! Anchored in a tech-centric philosophy, ACKO’s approach fuels innovation, empowering us to develop comprehensive products that cater to every aspect of our customers' insurance requirements. And while we are at it, we put our Ackers at the heart of everything we do. We're not your typical 9-to-5 workplace; we're a vibrant and inclusive bunch of innovators and creators making sure every Acker’s idea matters, their voice is heard, and their growth is part of our mission.
We are seeking a highly qualified Governance, Risk, and Compliance (GRC) Specialist with a minimum of 6 years of experience in the insurance industry.
The ideal candidate will possess strong technical skills, extensive expertise in GRC frameworks, proficiency in relevant tools and technologies, and certifications such as CISM (Certified Information Security Manager) or an equivalent certification (e.g., CRISC, ISO 27001 LA/LI).
Additionally, knowledge of ISO 27001 standards, IRDAI (Insurance Regulatory and Development Authority of India) cyber security guidelines, SOC (Service Organization Control) reports, and PCI DSS (Payment Card Industry Data Security Standard) is essential for this role. Experience in internal auditing is also critical.
This position requires a strategic thinker who can effectively manage risks, enhance governance structures, and streamline compliance processes within our organization.
Key Responsibilities:
Develop and implement comprehensive GRC frameworks, policies, and procedures tailored to the insurance sector.
Utilize GRC software/tools (e.g., RSA Archer, MetricStream, etc.) effectively to streamline compliance processes and enhance monitoring capabilities.
Conduct regular risk assessments and audits to identify vulnerabilities, non-compliance issues, and areas for improvement.
Collaborate with cross-functional teams to enhance governance practices and risk management strategies.
Stay abreast of regulatory changes and industry trends to ensure compliance and mitigate risks effectively.
Provide guidance and training to employees on compliance matters, fostering a culture of awareness and adherence.
Lead investigations into compliance breaches or incidents, ensuring timely resolution and preventive measures.
Prepare detailed reports and presentations for senior management and regulatory bodies regarding compliance activities and findings.
Utilize internal audit skills to assess the effectiveness of internal controls and recommend enhancements as needed.
Act as a subject matter expert on GRC issues, providing advice and support to stakeholders across the organization.
Qualifications:
Bachelor’s degree in Computer Science, Risk Management, Information Systems, or a related field; Master’s degree preferred.
Minimum of 6 years of progressive experience in governance, risk management, and compliance within the insurance industry is preferred.
Strong technical skills with proficiency in GRC software/tools (e.g., RSA Archer, MetricStream, etc.), data analytics, and information security principles.
Hold certifications such as CISM (Certified Information Security Manager) or an equivalent certification (e.g., CRISC, ISO 27001 LA/LI).
Knowledge of ISO 27001 standards, SOC reports, PCI DSS, and familiarity with IRDAI cyber security guidelines.
Experience in conducting internal audits and assessments of internal controls.
Extensive knowledge of regulatory frameworks such as GDPR, HIPAA, SOX, and industry-specific regulations.
Proven track record of successfully developing and implementing GRC strategies and initiatives.
Exceptional analytical and problem-solving abilities, with keen attention to detail.
Excellent communication and interpersonal skills, with the ability to interact effectively with diverse stakeholders.
Strong project management skills, capable of managing multiple priorities and deadlines effectively.