:
We are seeking a motivated and skilled GRC professional to join our team. As a GRC Analyst, you will be responsible for managing cybersecurity risks, conducting compliance assessments, and implementing security policies based on industry best practices, including ISO 27001, ISO27701, SOC2 , GDPR and RBI/SEBI guidelines. The role offers an excellent opportunity to build and enhance your skills in the rapidly evolving field of cybersecurity governance, risk management, and compliance.
:
- Compliance & Regulatory Oversight: Ensure compliance with applicable laws and regulations, such as RBI/SEBI cybersecurity guidelines, GDPR, and other - local and international frameworks.
- Risk Management: Assist in conducting risk assessments to identify, evaluate, and prioritize risks related to information security and business operations.
- Audit Support: Support internal and external audits by preparing documentation, coordinating audit activities, and ensuring compliance with cybersecurity policies and standards.
- Cybersecurity Program Management: Work closely with IT, legal, and other stakeholders to integrate cybersecurity risk management into business processes, ensuring alignment with organizational goals.
- Policy Development & Training: Contribute to the development of information security policies, procedures, and guidelines, and assist in delivering training programs to raise awareness of security best practices across the organization.
- Continuous Improvement: Collaborate with various teams to assess the effectiveness of existing controls and propose improvements to enhance the organization's cybersecurity posture.
- Reporting & Documentation: Maintain clear and comprehensive documentation of risk assessments, compliance activities, audits, and incident reports to provide transparency to senior leadership and regulatory bodies.
:
- 5-7 years of hands-on experience in Governance, Risk, and Compliance (GRC) roles.
- Good understanding of information security principles, controls, and risk management methodologies, compliance and audits
- Hands on experience of implementing two or more of standards such as ISO 27001/2, ISO27701, SOC2, PCI DSS, NIST standards on Cyber Security, HITRUST, HIPAA, GDPR etc.
- Strong analytical skills and attention to detail in identifying security vulnerabilities and assessing compliance gaps.
- Excellent written and verbal communication skills to prepare reports and deliver presentations.
- Certifications such as ISO 27001 Lead Auditor, CISA, CRISC, CGRC, CIPM, CIPP or similar are preferred.
your resume to@.
