Practice Lead - GRC Assurance
Sprinto
India · Remote
Posted on Mar 27, 2026
Sprinto is an AI-native GRC platform that helps organisations manage risks, audits, vendor oversight, and continuous monitoring from a single connected platform. With a team of 350+ employees serving 3,000+ customers across 75+ countries, Sprinto combines scale with expertise to deliver trust and compliance. Backed by top-tier investors such as Accel, Elevation, and Blume Ventures, we’ve raised $31.8M in funding to fuel our mission. Trusted by leading organisations including Whatfix, Anaconda, Ultrahuman, WeWork, AI Foundation, and HackerRank, Sprinto supports 300+ integrations and 200+ global security standards, including SOC 2, ISO 27001, GDPR, HIPAA, and PCI-DSS. Founded in 2020 by second-time entrepreneurs Girish Redekar and Raghuveer Kancherla, Sprinto is recognised as a Leader on G2 in Compliance Automation and has been named a LinkedIn Top Startup multiple years in a row.
Sprint with Sprinters: At Sprinto, your work has purpose — and your life has space. We are a workplace where you’re empowered to execute on your most ambitious ideas and deliver your best output in a fast-paced, innovative, and supportive environment. Joining Sprinto means you will never run alone; you will always have the freedom to take your shot and the support to go farther than you imagined.
The Role: Sprinto is building a Managed Services wing that will evolve from framework digitisation into a broader services portfolio, including implementation consulting, risk & privacy assessments, policy reviews, internal audits, and security assurance programs. This leader will build the function from the ground up with strong governance, repeatability, and commercial accountability.
What you’ll do
Build the function
- Create delivery operating model: intake, scoping, SOWs, QA, SLAs, change control, and reporting.
- Build reusable IP: templates, playbooks, mapping libraries, workshop agendas, and QA rubrics.
- Hire and lead a team of specialists; build service-line pods over time.
Deliver and scale service lines (phased)
- Phase 1: framework digitisation & control/check mapping inside Sprinto.
- Phase 2: packaged services for risk assessment, privacy (DPIA), policy review, internal audits, and audit readiness support.
- Phase 3: scale into security assurance programs and partner-led offerings (e.g., VAPT program management, vendor governance, QA, and customer outcomes).
Own commercial outcomes
- Define service packaging and pricing models (fixed-fee tiers, retainer options where relevant).
- Own utilization, margins, capacity planning, delivery forecasting, and predictable throughput.
- Partner with Sales/SE/CS to attach services appropriately and improve enterprise deal conversion + retention.
AI-enabled service productisation
- Create “AI-assisted playbooks” for repeatable services (DPIA, risk assessment, policy review, internal audit checklists).
- Build structured input forms/checklists that juniors can fill out, enabling consistent output.
- Define QA guardrails (mandatory source inputs, validation steps, human approval gates).
- Maintain an internal library of prompts/templates and continuously improve them based on audit/customer feedback.
Ensure quality and manage risk
- Establish acceptance criteria and review mechanisms for deliverables.
- Define boundaries and disclaimers to avoid uncontrolled liability.
- Build partner qualification standards and a QA framework for third-party-delivered services.
What we’re looking for
Experience
- 8–10+ years in GRC/security consulting, audit/advisory, or building managed compliance programs.
- Demonstrated experience building/scaling a services practice or delivery org (0→1 to repeatable).
- Strong experience with enterprise customers and multi-stakeholder delivery.
Domain mastery
- ISO 27001, SOC 2, GDPR; strong risk assessment experience.
- Privacy assessments (DPIA) hands-on.
- Comfort with complex frameworks like FedRAMP, HITRUST, NIST family and regional regulations.
Proficiency in building AI-enabled workflows
- Demonstrated ability to use AI tools (e.g., ChatGPT-style workflows) to reduce manual effort and standardize deliverables.
- Ability to translate domain expertise into reusable templates and guided systems.
- Strong judgment around accuracy, confidentiality, and review requirements.
Operator strengths
- Ability to productize services (packages, deliverables, QA, SLAs).
- Strong commercial ownership: pricing, margins, capacity planning.
- Excellent written communication and workshop leadership.
- Strong decision-making in ambiguity, without scope creep.
Preferred
- Prior leadership of multi-service GRC offerings (risk, privacy, internal audits, readiness).
- Experience in auditing and implementing GRC frameworks.
- Certifications (good to have): ISO 27001 LA/LI, CISA, CISM, CISSP or PCI QSA.
Success metrics
- Services revenue growth trajectory toward the long-term contribution target.
- Delivery cycle time, rework rate, QA pass rate, customer satisfaction.
- Utilisation and gross margin improvement via reuse and standardisation.
- Attach rate (services + product), deal unblock impact, retention uplift.
How We Care For Our Sprinters:
- Work wherever you are: We’re 100% remote, so you get to choose if you want to work from home, cafe, hills or beaches.
- Co-working on the house: If co-working is your jam, we offer a generous annual allowance of up to INR 14,000* for social working.
- We care about your learning: We are invested in seeing you grow, and commit USD 1000 annually to help you level up your skills.
- We count your spark, not your leaves: We care about you not just as an employee, but as a person. So if you need a reset, make use of Unlimited leaves.
- Your Safety Net, Woven in: We take care of the what-ifs. From health insurance with coverage up to INR 10 lakh for you and your family, to accident protection of an additional INR 10 lakh, and life insurance worth 3× your annual salary, our benefits wrap you and your family in protection so you can focus on thriving.
- Workspace setup of your dreams: Work from anywhere, and if that’s home, we’ll chip in INR 35,000 to help you create a space that’s as effortless as your workflow.
