Manager - Risk and Compliance

4 weeks ago


hyderabad, India NopalCyber Full time

NopalCyber makes cybersecurity manageable, affordable, reliable, and powerful for companies that need to be resilient and compliant. Managed extended detection and response (MXDR), attack surface management (ASM), breach and attack simulation (BAS), and advisory services fortify your cybersecurity across both offense and defense. AI-driven intelligence in our Nopal360° platform, our NopalGo mobile app, and our proprietary Cyber Intelligence Quotient (CIQ) lets anyone quantify, track, and visualize their cybersecurity posture in real-time. Our service packages, which are each tailored to a client’s needs and budget, and external threat analysis, which provides critical intelligence at no-cost, help to democratize cybersecurity by making enterprise-grade defenses and security operations available to organizations of all sizes. NopalCyber lowers the barrier to entry while raising the bar for security and service.

We are looking for a proven, high energy, results oriented GRC professional, where you will be a key advisor for our clients, analyzing business requirements to design and implement ideal security solutions for their needs. As an established GRC Professional, you will span operational, tactical, and strategic levels as well as tasks that tackle difficult problems that businesses are facing when building out and improving their security and compliance posture.

Job responsibilities:

- Subject matter expert on information and cyber security governance, risk and compliance – services and solutions
- Plans and executes information technology security assessments of on-premise/cloud IT assets by understanding organization objectives, structure, policies, processes, internal controls, and external regulations; identifies risk areas; prepares scope and objectives; prepares internal controls review programs
- Tests all IT security controls, creates - assessment work programs, current state posture assessment model, and customized reports
- Completes assessment work papers and memoranda by documenting assessment tests and findings
- Understanding of Digital Personal Data Protection Act, 2023.
- Familiarity working with and/or managing Governance, Risk, and Compliance (GRC) tools.
- Hands on security controls testing experience for web applications, mobile applications, and corporate systems
- Good understanding of Security Risk Management tools and processes
- Third party risk management (TPRM) exposure
- Support in sales pursuits and proposals and assist in building practice eminence
- Deliver complex projects in a fast-paced, team environment
- Promote and participate in forums for sharing expertise, strengthening firm’s collective knowledge, and helping resolve our clients’ challenges
- Provide leadership to the enterprise's information security organization
- Constantly update the cyber security strategy to leverage new technology and threat information
- Establish strong client relationships to help progress the Services portfolio

Job specifications:

1. Qualification:

- Bachelor’s degree in Engineering or closely related coursework in technology development disciplines
- Certifications – ISO 27001 Lead Implementer/Lead Auditor
- One or more security certifications: Certified Information Systems Security Professional (CISSP)/Certified Information Systems Auditor (CISA)/Certified Information Privacy Professional (CIPP) etc.
- One or more cloud security certifications: Certification in Public Cloud Technology from one of the major Cloud Service Providers (e.g. AWS Certified Solutions Architect, Microsoft Azure Architect, Google Cloud Architect), or Certified Cloud Security Professional (CCSP)/ Certificate of Cloud Security Knowledge (CCSK) etc.

2. Experience:

Total Experience – 8+ years

Knowledge and Experience:

Good understanding of information security principles, the relating of compliance controls to those principles, and articulating the relevance of controls to stakeholders.

Expertise in delivery of IT risk and compliance advisory services

Experience in management consulting and IT security audits

Excellent capabilities around technology risk assessments

Knowledge of IT and cyber security regulations



  • Hyderabad, India NopalCyber Full time

    NopalCyber makes cybersecurity manageable, affordable, reliable, and powerful for companies that need to be resilient and compliant. Managed extended detection and response (MXDR), attack surface management (ASM), breach and attack simulation (BAS), and advisory services fortify your cybersecurity across both offense and defense. AI-driven intelligence in...


  • hyderabad, India NopalCyber Full time

    NopalCyber makes cybersecurity manageable, affordable, reliable, and powerful for companies that need to be resilient and compliant. Managed extended detection and response (MXDR), attack surface management (ASM), breach and attack simulation (BAS), and advisory services fortify your cybersecurity across both offense and defense. AI-driven intelligence in...


  • Hyderabad, India NopalCyber Full time

    Nopal Cyber makes cybersecurity manageable, affordable, reliable, and powerful for companies that need to be resilient and compliant. Managed extended detection and response (MXDR), attack surface management (ASM), breach and attack simulation (BAS), and advisory services fortify your cybersecurity across both offense and defense. AI-driven intelligence in...


  • hyderabad, India NopalCyber Full time

    NopalCyber makes cybersecurity manageable, affordable, reliable, and powerful for companies that need to be resilient and compliant. Managed extended detection and response (MXDR), attack surface management (ASM), breach and attack simulation (BAS), and advisory services fortify your cybersecurity across both offense and defense. AI-driven intelligence in...


  • Hyderabad, India NopalCyber Full time

    NopalCyber makes cybersecurity manageable, affordable, reliable, and powerful for companies that need to be resilient and compliant. Managed extended detection and response (MXDR), attack surface management (ASM), breach and attack simulation (BAS), and advisory services fortify your cybersecurity across both offense and defense. AI-driven intelligence in...


  • hyderabad, India NopalCyber Full time

    NopalCyber makes cybersecurity manageable, affordable, reliable, and powerful for companies that need to be resilient and compliant. Managed extended detection and response (MXDR), attack surface management (ASM), breach and attack simulation (BAS), and advisory services fortify your cybersecurity across both offense and defense. AI-driven intelligence in...


  • Hyderabad, India NopalCyber Full time

    Nopal Cyber makes cybersecurity manageable, affordable, reliable, and powerful for companies that need to be resilient and compliant. Managed extended detection and response (MXDR), attack surface management (ASM), breach and attack simulation (BAS), and advisory services fortify your cybersecurity across both offense and defense. AI-driven intelligence in...


  • Hyderabad, Telangana, India WELLS FARGO BANK Full time

    Job Summary: We are seeking a highly skilled Compliance Risk Management Specialist to join our team at Wells Fargo Bank. In this role, you will be responsible for establishing and implementing risk standards and programs to ensure compliance with federal, state, and regulatory requirements. About the Role: As a Compliance Risk Management Specialist, you will...


  • Hyderabad, India NopalCyber Full time

    NopalCyber makes cybersecurity manageable, affordable, reliable, and powerful for companies that need to be resilient and compliant. Managed extended detection and response (MXDR), attack surface management (ASM), breach and attack simulation (BAS), and advisory services fortify your cybersecurity across both offense and defense. AI-driven intelligence in...


  • Hyderabad, India NopalCyber Full time

    NopalCyber makes cybersecurity manageable, affordable, reliable, and powerful for companies that need to be resilient and compliant. Managed extended detection and response (MXDR), attack surface management (ASM), breach and attack simulation (BAS), and advisory services fortify your cybersecurity across both offense and defense. AI-driven intelligence in...


  • Hyderabad, India NopalCyber Full time

    NopalCyber makes cybersecurity manageable, affordable, reliable, and powerful for companies that need to be resilient and compliant. Managed extended detection and response (MXDR), attack surface management (ASM), breach and attack simulation (BAS), and advisory services fortify your cybersecurity across both offense and defense. AI-driven intelligence in...


  • hyderabad, India NopalCyber Full time

    NopalCyber makes cybersecurity manageable, affordable, reliable, and powerful for companies that need to be resilient and compliant. Managed extended detection and response (MXDR), attack surface management (ASM), breach and attack simulation (BAS), and advisory services fortify your cybersecurity across both offense and defense. AI-driven intelligence in...


  • hyderabad, India NopalCyber Full time

    NopalCyber makes cybersecurity manageable, affordable, reliable, and powerful for companies that need to be resilient and compliant. Managed extended detection and response (MXDR), attack surface management (ASM), breach and attack simulation (BAS), and advisory services fortify your cybersecurity across both offense and defense. AI-driven intelligence in...


  • Hyderabad, India NopalCyber Full time

    NopalCyber makes cybersecurity manageable, affordable, reliable, and powerful for companies that need to be resilient and compliant. Managed extended detection and response (MXDR), attack surface management (ASM), breach and attack simulation (BAS), and advisory services fortify your cybersecurity across both offense and defense. AI-driven intelligence in...


  • Hyderabad, India NopalCyber Full time

    NopalCyber makes cybersecurity manageable, affordable, reliable, and powerful for companies that need to be resilient and compliant. Managed extended detection and response (MXDR), attack surface management (ASM), breach and attack simulation (BAS), and advisory services fortify your cybersecurity across both offense and defense. AI-driven intelligence in...


  • Hyderabad, Telangana, India Dr Reddy's Laboratories Limited Full time

    At Dr. Reddy's Laboratories Limited, we are seeking a highly skilled Compliance Risk Management Professional to join our team. As a key member of our compliance function, you will play a critical role in ensuring the company's adherence to regulatory requirements and industry standards.Key Responsibilities:Develop and implement compliance risk management...


  • Hyderabad, Telangana, India WELLS FARGO BANK Full time

    About the RoleWe are seeking a seasoned Compliance Risk Management Specialist to join our team at Wells Fargo Bank.Job Summary: As a key member of our compliance team, you will be responsible for establishing, implementing, and maintaining risk standards and programs to ensure compliance with federal, state, agency, legal, and regulatory requirements.Key...


  • Hyderabad, Telangana, India HSBC Full time

    About HSBC">HSBC is one of the largest banking and financial services organizations in the world, with operations in 62 countries and territories. We aim to be where the growth is, enabling businesses to thrive and economies to prosper.">Job Summary">We are seeking an experienced professional to join our team as a Risk and Compliance Manager. The successful...


  • Hyderabad, Telangana, India Tata Consultancy Services Full time

    Join Tata Consultancy Services as a Risk Management Specialist to lead the implementation of ISO/NIST controls.Job OverviewTata Consultancy Services is a leading global IT services company seeking an experienced Risk Management Specialist for our GRC (Governance, Risk, and Compliance) team.Salary: ₹1,200,000 - ₹1,800,000 per annumAbout the RoleWe are...


  • Hyderabad, Telangana, India ZAZZ Full time

    ZAZZ is seeking a highly skilled Cybersecurity Specialist to join our team. This role will be responsible for ensuring the organization's IT systems and processes adhere to regulatory security and compliance standards.About the RoleThe ideal candidate will have a minimum of 7 years of experience in IT security & compliance, with a strong knowledge of...