GRC (Governance, Risk and Compliance) | 9 to 12 Years | Mumbai, Bengaluru and Chennai

Job Description

• Experience in core IT Risk, Compliance, and security projects.  
• Strong familiarity with industry frameworks such as ISO standards, GDPR, NIST, PCI DSS. Broad understanding of cyber security concepts and risks.
• Experience in assessment of audit findings / gaps including control weaknesses in coordination with different stakeholders and assist with development of management action plans.
• In depth understanding of security classification, change controls, SDLC, security controls, Application Controls, including interfaces and configurations on a variety of applications, operating systems, databases, and networks.
• Project management experience in the areas of IT Risk, Compliance, and security operations. Ability to plan and manage multiple GRC and Security engagements.
• Help with the planning of SOX program by setting the objective, scope, and work program of individual audits
• Conduct follow-up on both open and past due actions on security control implementations on a regular basis
• Understand client needs to develop project plans, resource plans, establish reporting and metrics and provide the clients and leaders with regular project updates.
• Ensure that the project team is utilized appropriately and consistently with a strong focus on process/tool automations and innovations.

Primary Skills

• Governance, Risk and Compliance (GRC)
• Security Frameworks
• ITGC
• ISMS Implementation

Secondary Skills

• CISA, CISM, CRISC, or CISSP Certifications