GRC Engineer
7 days ago
As a Senior GRC Engineer, you will play a critical role in fortifying our security infrastructure, ensuring compliance with industry standards such as SOC 2 HIPAA, GDPR, and ISO27001 and implementing cutting-edge security practices like Policy as Code and Shift Left Security.
Compliance and Standards:
- Lead efforts to maintain and enhance compliance with industry standards, including SOC2 Type2 HIPAA, GDPR, ISO27001 and USDPI.
- Stay updated with current regulatory changes and ensure our security practices align with evolving requirements.
- Build a unified compliance framework (UCF) that captures cybersecurity, data protection, and business continuity risks.
- Create policies and processes in collaboration with security engineers such that they comply with the UCF, covering cloud security, application security, endpoint security, and data privacy.
- Set up a review of all policies in practice to ensure all policies are adhered to at all times. Review and validate if the approach/solution taken to address the security and privacy risks/policies is appropriate.
Data Privacy:
- To be able to guide various teams on data protection practices. Review legal documents related to security/privacy as and when required.
- Be the subject matter expert (SME) for security and privacy compliance and address queries/scenarios that might arise from different departments.
- Stay up to date with security compliance frameworks and best practices to contribute towards the overall security posture of Atlan.
Policy as a Code:
- Identify the opportunities for implementing Policy as a Code, to minimize manual intervention.
- Partner with security engineers to drive the implementation of Policy as Code methodologies to automate and enforce security policies throughout the organization.
Shift Left Security:
- Advocate and identify Shift Left Security practices to embed security into the early stages of the development lifecycle.
- Partner with security engineers across Cloud Infra and IT team in driving implementation of shift left security practices, such as: Embedding security practices in SDLC and Cloud infrastructure.
- Embedding the GRC team approvals/reviews in day-to-day processes to enable better governance.
GRC Tools:
- Utilise GRC tools such as Vanta, to streamline security processes and enhance efficiency.
- Maintain a good security score on VANTA by coordinating with different stakeholders.
- Evaluate and implement additional tools to support the automation of security tasks and assessments.
Training / Awareness:
- Create security and privacy training and awareness content and deliver training through creative and innovative means to create maximum impact.
- Vendor and Client Security Assessment - Carry out assessments as and when required.
ARR Improvement:
- Collaborate with stakeholders to enhance Annual Recurring Revenue (ARR) through improved security measures.
- Implement security strategies that align with organizational goals and customer expectations.
(ref:hirist.tech)-
GRC Engineer
7 days ago
Any Location, India Pylon Management Consulting Full timeAs a Senior GRC Engineer, you will play a critical role in fortifying our security infrastructure, ensuring compliance with industry standards such as SOC 2 HIPAA, GDPR, and ISO27001 and implementing cutting-edge security practices like Policy as Code and Shift Left Security. Compliance and Standards: Lead efforts to maintain and enhance compliance with...
-
GRC Engineer
2 weeks ago
Any Location, India Pylon Management Consulting Full timeAs a Senior GRC Engineer, you will play a critical role in fortifying our security infrastructure, ensuring compliance with industry standards such as SOC 2 HIPAA, GDPR, and ISO27001 and implementing cutting-edge security practices like Policy as Code and Shift Left Security. Compliance and Standards: - Lead efforts to maintain and enhance compliance with...