Apply

Practice Lead - GRC Assurance Remote (India)Customer Experience /Remote /Remote APPLY FOR THIS JOB Sprinto is an AI-native GRC platform that helps organisations manage risks, audits, vendor oversight, and continuous monitoring from a single connected platform. With a team of 350+ employees serving 3,000+ customers across 75+ countries, Sprinto combines scale with expertise to deliver trust and compliance. Backed by top-tier investors such as Accel, Elevation, and Blume Ventures, we’ve raised $31.8M in funding to fuel our mission. Trusted by leading organisations including Whatfix, Anaconda, Ultrahuman, WeWork, AI Foundation, and HackerRank, Sprinto supports 300+ integrations and 200+ global security standards, including SOC 2, ISO 27001, GDPR, HIPAA, and PCI-DSS.Founded in 2020 by second-time entrepreneurs Girish Redekar and Raghuveer Kancherla, Sprinto is recognised as a Leader on G2 in Compliance Automation and has been named a LinkedIn Top Startup multiple years in a row. Sprint with Sprinters:  At Sprinto, your work has purpose — and your life has space. We are a workplace where you’re empowered to execute on your most ambitious ideas and deliver your best output in a fast-paced, innovative, and supportive environment. Joining Sprinto means you will never run alone; you will always have the freedom to take your shot and the support to go farther than you imagined The Role: Sprinto is building a Managed Services wing that will evolve from framework digitisation into a broader services portfolio, including implementation consulting, risk & privacy assessments, policy reviews, internal audits, and security assurance programs. This leader will build the function from the ground up with strong governance, repeatability, and commercial accountability.  What you’ll do Build the function Create delivery operating model: intake, scoping, SOWs, QA, SLAs, change control, and reporting. Build reusable IP: templates, playbooks, mapping libraries, workshop agendas, and QA rubrics. Hire and lead a team of specialists; build service-line pods over time. Deliver and scale service lines (phased) Phase 1: framework digitisation & control/check mapping inside Sprinto. Phase 2: packaged services for risk assessment, privacy (DPIA), policy review, internal audits, and audit readiness support. Phase 3: scale into security assurance programs and partner-led offerings (e.g., VAPT program management, vendor governance, QA, and customer outcomes). Own commercial outcomes Define service packaging and pricing models (fixed-fee tiers, retainer options where relevant). Own utilization, margins, capacity planning, delivery forecasting, and predictable throughput. Partner with Sales/SE/CS to attach services appropriately and improve enterprise deal conversion + retention. AI-enabled service productisation Create “AI-assisted playbooks” for repeatable services (DPIA, risk assessment, policy review, internal audit checklists). Build structured input forms/checklists that juniors can fill out, enabling consistent output. Define QA guardrails (mandatory source inputs, validation steps, human approval gates). Maintain an internal library of prompts/templates and continuously improve them based on audit/customer feedback. Ensure quality and manage risk Establish acceptance criteria and review mechanisms for deliverables. Define boundaries and disclaimers to avoid uncontrolled liability. Build partner qualification standards and a QA framework for third-party-delivered services. What we’re looking for Experience 8–10+ years in GRC/security consulting, audit/advisory, or building managed compliance programs. Demonstrated experience building/scaling a services practice or delivery org (0→1 to repeatable). Strong experience with enterprise customers and multi-stakeholder delivery. Domain mastery ISO 27001, SOC 2, GDPR; strong risk assessment experience. Privacy assessments (DPIA) hands-on. Comfort with complex frameworks like FedRamp, HITRUST, NI ... (truncated, view full listing at source)