GRC Analyst

4 days ago


Thiruvananthapuram, India PINKVILLA Full time

Pinkvilla is seeking a dynamic Information Security professional who will play a key role in driving compliance programs, managing audits, supporting data protection initiatives, and ensuring third-party security risks are effectively identified and mitigated.

Key Responsibilities

Governance, Risk & Compliance (GRC)

  • Develop, implement, and maintain information security policies, standards, and procedures.
  • Conduct risk assessments and drive risk treatment/mitigation plans.
  • Support security audits and ensure timely closure of findings.
  • Monitor compliance with frameworks/standards such as ISO 27001, NIST, CIS.
  • Collaborate with security engineering and SOC teams on remediation of vulnerabilities, incident response, and security enhancements.
  • Contribute to cross-functional security initiatives requiring governance, technical, and operational alignment.
  • Provide training and awareness on security to drive a security-aware culture.

Data Protection

  • Identify and mitigate risks associated with processing of personal and sensitive data.
  • Oversee data classification, retention, and secure disposal practices.
  • Lead initiatives around Data Loss Prevention (DLP), including policy fine-tuning, incident monitoring, and working with stakeholders on data handling improvements.

Third-Party Risk Management (TPRM)

  • Conduct security assessments and due diligence for vendors, partners, and service providers.
  • Review and evaluate vendor security controls, certifications, and compliance posture.
  • Manage the third-party risk lifecycle, including onboarding, periodic reviews, and issue remediation.
  • Work with procurement, legal, and business teams to integrate security requirements into contracts and agreements.

Qualifications:

  • Bachelor’s degree in Computer Science or Information Security or related field.
  • 4–6 years of experience in Information Security roles with focus on GRC, Data Protection, and TPRM.
  • Strong understanding of security standards (ISO 27001, NIST, etc.).
  • Experience conducting risk assessments, vendor due diligence, and compliance reviews.
  • Good knowledge of data protection principles, privacy laws, and security best practices.
  • Excellent documentation, communication, and stakeholder management skills.

Preferred Skills:

  • Relevant certifications such as CISM, CISA, ISO 27001, CIPM, or CRISC.
  • Experience with GRC tools (e.g., Archer, ServiceNow GRC, OneTrust, or similar).
  • Knowledge of cloud security and SaaS vendor risk assessments.



  • Thiruvananthapuram, India IBS Software Full time

    Senior Compliance Analyst Trivandrum Location - Conduct regular risk assessments and gap analyses to identify areas for improvement. - Coordinate the SOC 1, SOC 2, SOC 3 audit process, liaising with external auditors and ensuring timely completion. - Oversee PCI DSS assessments, ensuring adherence to Payment Card Industry Data Security Standards. - Ensure...




  • Thiruvananthapuram, India IBS Software Full time

    Senior Compliance Analyst Trivandrum Location - Conduct regular risk assessments and gap analyses to identify areas for improvement. - Coordinate the SOC 1, SOC 2, SOC 3 audit process, liaising with external auditors and ensuring timely completion. - Oversee PCI DSS assessments, ensuring adherence to Payment Card Industry Data Security Standards. - Ensure comprehensive...


  • Thiruvananthapuram, Kerala, India UST Full time ₹ 4,00,000 - ₹ 8,00,000 per year

    3 - 5 Years | 1 Opening | Trivandrum. Role description. Summary: The Risk & Compliance Analyst supports the implementation and management of IT risk, compliance, and governance processes across the organization's technology landscape. The role helps ensure IT operations comply with internal policies, regulatory standards, and contractual requirements while improving...