
IT Security Governance, Risk, and Compliance
6 days ago
Reporting into Information Security, the Governance, Risk, and Compliance (GRC) Engineer plays an instrumental role in guiding GRC strategies and processes. As the primary GRC authority in India and supporting the global GRC team, this engineer works directly with other partners such as Legal, Risk, Internal Audit, etc. to ensure the alignment of the company's IT and Enterprise risk management framework with its business objectives and regulatory requirements. The GRC Engineer possesses a combination of technical expertise, background in GRC, and applicable frameworks. They will identify, track, and address potential risks, while proactively improving the company's overall GRC posture.
What You'll DoThird Party Risk Management
- Act as a local point of contact for the IT Third Party Risk Management Program.
- Maintain the chosen GRC platform to programmatically capture Cyber/IT risks, timely analysis to enable risk control and reporting.
- Implement security controls, risk assessment framework, and program that aligns to regulatory requirements, chosen frameworks, and other internal requirements through collaboration with other key department partners.
- Implement processes to automate and continuously supervise information security controls, exceptions, risks, and testing. Develop performance measures, dashboards, and evidence artifacts.
Policy and Procedure Management
- Develop, maintain, and supervise implementation and adherence to regional Cybersecurity and GRC Policies and Processes to ensure compliance with applicable laws, regulations, and chosen industry standard frameworks including communications and training.
- Collaborate with partners from other core organizations (e.g., Legal, Audit) to ensure Cybersecurity and GRC components are accounted for in collaborative enterprise-wide policies, and processes.
- Define and detail security processes responsibilities and ownership of the controls in GRC tool. Schedule regular assessments and testing of effectiveness and efficiency of controls and build reports.
Audit and Compliance Management
- Assist with all global regulatory and compliance assessments to include ISMS, MLPS, GDPR, SOX, NIST CSF, and PCI.
- Develop and implement controls and documentation for all applicable security and/or privacy regulations within the APAC region.
- Coordinate with internal and external auditors to facilitate audits, with the goal of assuring IT and Enterprise compliance and addressing potential issues proactively.
- Guide IT and other Enterprise organizations to successfully achieve required compliance.
- Work with partners and Subject Matter Authorities on deficiency remediation as a result of audit or internal control findings
Risk Management
- Responsible for maintaining the Cybersecurity Risk Register and collaborating with other Risk collaborators throughout the enterprise for inclusion in overall risk reporting.
- Work with business owners of known risks for remediation or compensating controls for policy adherence.
- Facilitate documentation and approval process for Risk Acceptance, in accordance with Cybersecurity policy and applicable frameworks.
- Bachelor's degree or equivalent experience in Information Technology or related field.
- 6+ years of confirmed experience in cybersecurity as a practitioner, with 2+ years in GRC role. Experience working with other compliance driven teams such as Legal, Audit, etc.
- In-depth Knowledge of Relevant Laws and Regulations and other applicable frameworks.
- Knowledge and experience implementing and auditing CIS controls.
- Risk Management Skills: Ability to identify, analyze, and optimally mitigate enterprise risks. Familiarity with risk management frameworks and methodologies.
- Critical Thinking and Leadership: Strong ability to lead and handle the GRC function, develop and complete strategic plans, and guide the organization towards its GRC objectives.
- Communication and Presentation Skills: Excellent written and verbal communication skills, with the ability to present sophisticated GRC issues and strategies clearly to various partners.
- Analytical Skills: Strong ability to analyze sophisticated data, interpret compliance requirements, and develop effective solutions.
- Negotiation and Influencing Skills: Ability to negotiate with, influence, and secure consensus from various partners, both internal and external, to achieve GRC objectives.
- IT Proficiency: Familiarity with the use of GRC technology solutions, as well as a broad understanding of information security principles and standard processes.
- Focus on staying updated with GRC field progress, including shifting laws and standard methodologies in GRC management.
The Company is an Equal Opportunity Employer committed to a diverse and inclusive work environment.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or disability, or any other protected classification.
Job Category: Corporate
-
Security Governance
2 weeks ago
Gurgaon, Haryana, India Sbi Cards And Payment Services Limited Full time ₹ 12,00,000 - ₹ 36,00,000 per yearDeputy Vice President - Security Governance & Compliance About the company SBI Card is a leading pure-play credit card issuer in India, offering a wide range of credit cards to cater to diverse customer needs. We are constantly innovating to meet the evolving financial needs of our customers, empowering them with digital currency for seamless payment...
-
Lead Governance, Risk
5 days ago
Gurgaon, Haryana, India Airtel Full time ₹ 12,00,000 - ₹ 36,00,000 per yearJob Title: Lead Governance, Risk & Compliance (GRC)Location: GurugramJob Type: Full-TimeRole Overview: We are seeking an accomplished Lead – Governance, Risk & Compliance (GRC) to define and drive the security governance, risk management, and compliance strategy across our nationwide telecom operations. This role will oversee compliance across Airtel's...
-
SME Security Risk and Compliance
7 days ago
Gurgaon, Haryana, India Ericsson-Worldwide Full time ₹ 20,00,000 - ₹ 25,00,000 per yearGrow with usOur Excellent OpportunitySenior Manager - Security Risk & Compliance is responsible for ensuring that the company's processes and systems are monitored and evaluated to meet compliance requirements. Some of the responsibilities include: Regulatory Intelligence - Monitor and analyse regulatory policies, notifications, and guidelines.Compliance -...
-
Analyst, Risk and Compliance
4 weeks ago
Gurgaon, Haryana, India Cvent Full timeJob DescriptionAbout the role:Provide support for projects and operational tasks associated with Cvent's information security governance, risk management, and audit and compliance programsIn This Role, You Will:- Participate in internal security assessments and security reviews; conduct security risk analysis of business processes and technology solutions to...
-
Information Security Risk
7 days ago
Gurgaon, Haryana, India Airtel Full time ₹ 1,80,000 - ₹ 3,00,000 per yearSr. Executive (Information Security Risk & Compliance)Review of policy and procedure with implementation across organization In depth knowledge of risk management with good knowledge of handling external and internal risks Work with cyber risk quantification and integrate with existing risk management process. Should be able to quantify risks and...
-
Risk And Compliance Manager
1 week ago
Gurgaon, Haryana, India Autope Payment Solutions Full time ₹ 15,00,000 - ₹ 25,00,000 per yearJob Description Risk / Compliance ManagerCompany: Autope Payment Solution LimitedLocation: GurugramExperience Required: Minimum 5 YearsPosition OverviewThe Risk / Compliance Manager will be responsible for developing, implementing, and maintaining the company's compliance and risk management framework. The role requires a deep understanding of regulatory...
-
Information Security Risk
2 weeks ago
Gurgaon, Haryana, India Airtel Full time ₹ 1,20,000 - ₹ 1,80,000 per yearInformation Security Risk Management and Compliance (GRC)Details : JD for Consultant (Information Security Risk & Compliance)POSITION Information Security Risk Management and Compliance (GRC) EXPERIENCE 4-5 Years KEY RESPONSIBILITIES & JOB DESCRIPTIONReview of policy and procedure with implementation across organization In depth knowledge of risk...
-
Information Security Risk
7 days ago
Gurgaon, Haryana, India Airtel Full time ₹ 20,00,000 - ₹ 25,00,000 per yearInformation Security Risk Management and Compliance (GRC) JD for Consultant (Information Security Risk & Compliance) KEY RESPONSIBILITIES & JOB DESCRIPTIONReview of policy and procedure with implementation across organization In depth knowledge of risk management with good knowledge of handling external and internal risks Work with cyber risk...
-
Data Governance and Security Specialist
4 weeks ago
Gurgaon, Haryana, India Axa XL Full timeJob DescriptionEssential Responsibilities:- Support the collection of up-to-date information from the business regarding their most valuable data and its use on a yearly basis (at minimum) at a Data Element level when possible.- Monitor the use of Data elements through security tools like DLP and Microsoft Purview.- Help create Sensitive Information Types to...
-
Risk Compliance Manager
2 weeks ago
Gurgaon, Haryana, India airtel Full time ₹ 15,00,000 - ₹ 25,00,000 per yearPlan, manage, and perform Process Reviews, including determining audit objectives and scope, identifying and assessing risks, developing time budgets and audit programs, and ensuring adequate documentation for each review Using knowledge/ expertise in performing reviews to determine compliance with all pertinent statutes, policies, procedures, effectiveness...