Lead Digital Risk Management

Country:

Location:

Role: Lead Digital Risk Management – Cyber Security

Location: Bangalore

Full/ Part-time: Full Time

Position Summary: To manage and oversee Enterprise/digital risks and emerging technology risk across Carrier’s IT ecosystem. This role ensures that digital innovation, customer-centric platforms, and AI-driven solutions are built with secure-by-design principles, while addressing regulatory, reputational, and ethical risk factors.

About the role:

his role collaborates closely with the IT Risk Lead and IT Risk Analysts to ensure enterprise-level visibility and harmonized governance of both traditional and digital risk profiles.

Key Responsibilities:

Digital Risk Governance & Policy Management

• Define and implement digital risk governance framework covering data, platform, and application risk.
• Establish risk policies and guardrails for innovation teams building AI, IoT, cloud-native, and SaaS-based services.
• Align digital risk controls with broader enterprise risk and compliance strategies.

Risk Identification, Assessment & Prioritization

• Conduct and oversee IT risk assessments (inherent and residual) across critical applications, infrastructure, and projects.
• Guide IT Risk Analysts in executing risk analysis, evidence collection, and scoring processes.
• Facilitate scenario-based and targeted risk assessments for high-impact areas including cloud migrations, system upgrades, and M&A.
• Maintain and update risk registers, scoring models, and risk heatmaps using GRC tools - ServiceNow IRM

Emerging Technology & Innovation Risk Oversight

• Lead risk reviews for AI/ML use cases, IoT deployments, mobile platforms, and edge computing.
• Collaborate with product owners and the IT Risk team to embed digital risk assessments into product lifecycle and agile ceremonies.
• Evaluate new technologies and digital models for ethical risk, data misuse, algorithmic bias, and governance.

Cloud & Data Governance

• Assess risks in multi-cloud environments and ensure adoption of cloud security posture management (CSPM).
• Partner with Data Governance teams to ensure proper classification, encryption, and data usage tracking.
• Conduct threat modeling and architectural reviews for digital and data-intensive products.

Digital Trust, Privacy & Regulatory Risk

• Lead digital privacy impact assessments (DPIAs), especially for user-facing applications and smart devices.
• Monitor evolving digital regulations (GDPR, CCPA, AI Act, etc.) and assess compliance impact.
• Partner with legal, compliance, and engineering teams to ensure consumer trust and ethical AI practices.

Stakeholder Engagement & Risk Reporting

• Prepare and present monthly/quarterly risk dashboards to senior leadership, Risk Council, and DCC.
• Coordinate with IT Risk Lead and Analysts to incorporate digital indicators into enterprise-wide risk views.
• Monitor risk appetite metrics, KPIs/KRIs, and provide insights on digital maturity and control posture.
• Conduct regular stakeholder sessions to capture risk concerns, share insights, and promote risk ownership.
• Provide risk insights to inform IT strategic decisions, budget allocations, and project prioritization.
• Design and implement Risk intake and evaluation process spanning multiple workflow stages.

Training, Awareness & Stakeholder Engagement

• Drive awareness campaigns and knowledge-sharing on digital risk topics.
• Conduct digital risk workshops and simulate real-life attack vectors on digital products.
• Support product, engineering, and data science teams with risk insights and control guidance.

Education:

• Bachelor's Degree in Computer Science, Data Science, Cybersecurity, or related field (Master's preferred).
• 10+ years of experience in digital risk, product security, data privacy, or emerging tech governance.
• Strong understanding of AI/ML systems, cloud platforms, and DevOps pipelines.
• Hands-on experience with digital risk tools, privacy management solutions, and threat modeling platforms.

Certifications (Preferred):

• CRISC, CIPP/US or CIPP/E, AWS/Azure Security Specialty, AI Governance Certification (e.g., IEEE, ISO AI Risk).

Benefits

• We are committed to offering competitive benefits programs for all of our employees and enhancing our programs when necessary.

• Have peace of mind and body with our health insurance

• Drive forward your career through professional development opportunities

• Achieve your personal goals with our Employee Assistance Programme

Our commitment to you

Our greatest assets are the expertise, creativity and passion of our employees. We strive to provide a great place to work that attracts, develops and retains the best talent, promotes employee engagement, fosters teamwork and ultimately drives innovation for the benefit of our customers. We strive to create an environment where you feel that you belong, with diversity and inclusion as the engine to growth and innovation. We develop and deploy best-in-class programs and practices, providing enriching career opportunities, listening to employee feedback and always challenging ourselves to do better. This is The Carrier Way. Join us and make a difference.

Apply Now!

Carrier is An Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, age or any other federally protected class.

Job Applicant's Privacy Notice:

Click on this link to read the Job Applicant's Privacy Notice