Information Security Engineer(GRC)
1 month ago
Job Description
- Develop and finalize policies, procedures, and guidelines related to IT and Infosec domains in alignment with industry best practices (ISO 27001 and ITIL)
- Align internal IT and Infosec processes as per RBI IT and security guidelines
- Assist IT and Infosec Team in defining the key metrics for management reporting
- Develop of cyber security standards, including incorporating industry practices and applicable compliance requirements
- Maintain the the security risk register and related policies
- Maintain the inventory of IT vendors as per regulatory guidelines.
- Develop review checklists, questionnaire, and manage evidences to assist the IT vendor risk management process
- Perform 3rd party security due-diligence reviews and periodic vendor risk assessments to assess vendor compliance.
- Coordinate with external stakeholders and auditors for IT and Infosec related reviews
- Coordinate for conducting periodic penetration testing exercises on in-scope applications and related infrastructure. Coordinate with stakeholders for timely closure of open risks.
- Assist in imparting security awareness training and executing phishing simulation exercises to employees.
- Assist IT and Infosec in gathering the metrics data and prepare management dashboards
- Lead the periodic IT and Infosec governance review meetings and gather feedback for improvement
- Assess the existing IT and Infosec processes and provide recommendations to improve
- Identify opportunities for IT and Infosec governance automation and lead the continuous compliance initiatives
- Support cross-entity teams/group entities to mirror the best practices implemented at the parent entity
- Develop templates for incident reporting and manage artifacts. Assist during incident investigation and collaborating with stakeholders.
Key Areas: ISO 27001, security governance, vendor security due-diligence, vendor security reviews and assessment, preparation of security checklist, security awareness/phishing simulation, management dashboards, manage key metrics for IT and Infosec,
Certifications: good to have - ISO 27001, ITIL
Experience
- Should have 5 - 7 years of experience in information security domain and minimum should have 4 of years in overall IT and Infosec governance related activities.
- Must have sound knowledge in defining processes, developing policies, procedures, and guidelines, and preparing management reporting dashboards.
- Must have experience in guiding teams with respect to RBI IT guidelines
- Developing and implementing enterprise governance, risk, and compliance strategy and solutions
- Ability to document and explain details in a concise & understandable manner
- Industry recognized certificates relevant to the roles such as ITIL, ISO 27001 are desired
- Ability to lead complex, cross-functional projects, and problem-solving initiatives.
- Passionate about IT/information security and update knowledge on daily basis to support the organization
- Candidates must have excellent verbal and written communication skills
- Familiarity with industry standards and regulations including PCI, ISO27001, CIS, NIST is desired.
- Candidates from BFSI experience will be preferred
- Fair understanding of public cloud models (e.g. AWS, Google, Microsoft Azure) and their security implications
Skills:
- Candidate should be a good team player
- Should have good interpersonal skills
- Good written communication skills including ability to develop process documentation and security guidelines.
- Ability to apply critical thinking and logic to a wide range of intellectual and practical problems
- Ability to maintain composure under pressure and work calmly during an emergency
- Ability to manage multiple tasks and schedules
-
IT Information Security GRC Analyst
1 month ago
india Marken Full timeDescription Job Title: Information Security GRC Analyst Main Purpose: The Information Security (InfoSec) Analyst serves as a trusted advisor when assessing internal systems and controls, and is a key point of contact with external examiners. Identifies and verifies risks to systems and data, and ensure teams are cognizant of any...
-
IT Grc Sme
2 weeks ago
India CosMic IT Full timeFull Time - India - Posted 9 mins ago - CosMicIT - **CosMic IT** - Find Your Dream Job Here_ Hello Everyone, We at #CosMicIT are looking for a #IT GRC SME Locations: PAN India Job Description: **Responsibilities**: 1. GRC Program Management: - Develop, implement, and manage the overall IT GRC program. - Define and enhance policies, procedures, and...
-
SAP GRC/Security Consultant
1 week ago
india Kiash Solutions LLp Full timeOverview :We are seeking a skilled SAP GRC/Security Consultant with 4-7 years of experience to join our team. The ideal candidate will have extensive experience in SAP security and GRC (Governance, Risk, and Compliance) Access Control Application Management Services. The candidate should possess strong technical expertise, excellent communication skills, and...
-
SAP GRC/Security Consultant
4 days ago
Anywhere in India/Multiple Locations Kiash Solutions LLp Full timeOverview :We are seeking a skilled SAP GRC/Security Consultant with 4-7 years of experience to join our team. The ideal candidate will have extensive experience in SAP security and GRC (Governance, Risk, and Compliance) Access Control Application Management Services. The candidate should possess strong technical expertise, excellent communication skills, and...
-
Information Security Analyst
2 weeks ago
india Nike Full timeRejoignez l'équipe NIKE, Inc. Loin de se contenter d'équiper les plus grands athlètes mondiaux, NIKE, Inc. explore les potentiels, abolit les frontières et repousse les limites du possible. L'entreprise recherche des personnes capables d'évoluer, de réfléchir, de rêver et de créer. L'épanouissement de sa culture repose sur son ouverture à la...
-
Security Analyst
10 hours ago
india Mobile Programming LLC Full timeJob Description : We are looking for The GRC Security Analyst who will assesses and prioritizes information security and cybersecurity risk across the organization, facilitates compliance with regulatory requirements and information security policies, and develops and reports on information security no-style="background-color: inherit;"> and Requirements :...
-
SAP GRC/Security Consultant
1 week ago
Anywhere in India/Multiple Locations Kiash Solutions LLp Full timeOverview :We are seeking a skilled SAP GRC/Security Consultant with 4-7 years of experience to join our team. The ideal candidate will have extensive experience in SAP security and GRC (Governance, Risk, and Compliance) Access Control Application Management Services. The candidate should possess strong technical expertise, excellent communication skills, and...
-
SAP GRC/Security Consultant
4 days ago
Anywhere in India/Multiple Locations, IN Kiash Solutions LLp Full timeOverview :We are seeking a skilled SAP GRC/Security Consultant with 4-7 years of experience to join our team. The ideal candidate will have extensive experience in SAP security and GRC (Governance, Risk, and Compliance) Access Control Application Management Services. The candidate should possess strong technical expertise, excellent communication skills, and...
-
Information Security GRC Manager
4 days ago
India IQ-EQ Full timeJob Description Responsibilities (how we will measure success) To provide second line support for all aspects of the Group's Information Security strategy and arrangements encompassing cultural, physical and technology elements throughout the business, with the primary focus being on Info Sec programme governance and oversight. Working as part of...
-
Information Security GRC Manager
2 weeks ago
india IQ-EQ Full timeJob Description Responsibilities (how we will measure success) To provide second line support for all aspects of the Group’s Information Security strategy and arrangements encompassing cultural, physical and technology elements throughout the business, with the primary focus being on Info Sec programme governance and oversight. Working as...
-
Information Security GRC Manager
1 month ago
india IQ-EQ Full timeJob Description Responsibilities (how we will measure success) To provide second line support for all aspects of the Group’s Information Security strategy and arrangements encompassing cultural, physical and technology elements throughout the business, with the primary focus being on Info Sec programme governance and oversight. Working as...
-
GRC Analyst
4 days ago
India MDMS Recruiting LLC Full timeJob Description This is a remote position. Governance, Risk & Compliance (GRC) Analyst The Information Security, Governance, Risk, and Compliance Analyst will be an innovative, self-driven team player who will be able to educate, provide guidance, and help drive a risk management program for information security and compliance throughout the company. This...
-
GRC Analyst
4 weeks ago
india MDMS Recruiting LLC Full timeJob Description This is a remote position. Governance, Risk & Compliance (GRC) Analyst The Information Security, Governance, Risk, and Compliance Analyst will be an innovative, self-driven team player who will be able to educate, provide guidance, and help drive a risk management program for information security and compliance throughout the company. This...
-
SAP Security/GRC Consultant
3 days ago
India ANLAGE Full timeWe are looking for an experienced SAP Security Specialist! 3 to 8 years of experience working with SAP Security, SAP GRC 10.x/12.x Access Control modules, and S/4 Hana Experience in full cycle SAP S/4 or ECC Security assessments, design, and implementations, with a keen understanding of leading practices in ERP security Security knowledge in SAP Fiori, BI,...
-
GRC Functional Architect
2 weeks ago
india Tech AGRIM Full timePosition Overview: Tech AGRIM is seeking a knowledgeable and experienced GRC Functional Expert to join our team. The ideal candidate will play a crucial role in implementing, configuring, and supporting Governance, Risk, and Compliance (GRC) solutions. Location : India (Remote) Experience: 8-10 Years Key Responsibilities: Collaborate with stakeholders...
-
GRC Analyst
2 months ago
india Quantiphi Full timeLooking for GRC Analyst NP : Immediate to 30 Days Experience Level: 4 to 6 years Responsibilities 1. Develop and ensure compliance of company-wide best practices for IT security. 2. Research security enhancements and make recommendations to management. 3. Respond to RFI /RFPs by consulting to various support functions and client queries regarding...
-
GRC Policy Analyst
2 weeks ago
india Novalink Solutions LLC Full timeJob Description The IT policy analyst works to provide IT policies aligned with NIST security controls for the MBTA. The IT Policy Analyst will work within the Enterprise Risk Management platform to manage policies, security control gaps, and dashboard/metric tracking. The GRC Policy Analyst will also work with MBTA-specific IT policies outside of the...
-
Information Security GRC Analyst
4 days ago
India Marken Full timeDescription Job Title: Information Systems Auditor Location: Pune M ain Purpose: The Information Systems (IS) Auditor serves as a trusted advisor when assessing internal systems and controls, and is a key point of contact with external examiners. Identifies and verifies risks to systems and data, and ensure teams are cognizant of any...
-
SAP GRC Architect
5 days ago
india NR Consulting - India Full timeJob Description:- Atleast 10 -12 years of experience working in SAP Security & GRC implementation projects. Should be able to engage with the customer and lead a workshop as an Architect on Security & GRC. Expertise in all modules of GRC and Role Remediation is needed. Certification or knowledge on Agile Methodology and Project Management will be...
-
Cyber Security
2 weeks ago
India Sage IT India Full timeRelevant security certifications such as CISA, CISSP, CRISC or equivalent - Experience in conducting internal Information Security audits for a highly regulated industry - 3+ years of Cyber Security experience - Experience in attaining certifications or attestations such as ISO 27001, SOC report, PCI, etc. - Experience with Security Infrastructure Design...
