 
						IT Security Governance, Risk, and Compliance
4 days ago
Reporting into Information Security, the Governance, Risk, and Compliance (GRC) Engineer plays an instrumental role in guiding GRC strategies and processes. As the primary GRC authority in India and supporting the global GRC team, this engineer works directly with other partners such as Legal, Risk, Internal Audit, etc. to ensure the alignment of the company's IT and Enterprise risk management framework with its business objectives and regulatory requirements. The GRC Engineer possesses a combination of technical expertise, background in GRC, and applicable frameworks. They will identify, track, and address potential risks, while proactively improving the company's overall GRC posture.
What You'll DoThird Party Risk Management
- Act as a local point of contact for the IT Third Party Risk Management Program.
- Maintain the chosen GRC platform to programmatically capture Cyber/IT risks, timely analysis to enable risk control and reporting.
- Implement security controls, risk assessment framework, and program that aligns to regulatory requirements, chosen frameworks, and other internal requirements through collaboration with other key department partners.
- Implement processes to automate and continuously supervise information security controls, exceptions, risks, and testing. Develop performance measures, dashboards, and evidence artifacts.
Policy and Procedure Management
- Develop, maintain, and supervise implementation and adherence to regional Cybersecurity and GRC Policies and Processes to ensure compliance with applicable laws, regulations, and chosen industry standard frameworks including communications and training.
- Collaborate with partners from other core organizations (e.g., Legal, Audit) to ensure Cybersecurity and GRC components are accounted for in collaborative enterprise-wide policies, and processes.
- Define and detail security processes responsibilities and ownership of the controls in GRC tool. Schedule regular assessments and testing of effectiveness and efficiency of controls and build reports.
Audit and Compliance Management
- Assist with all global regulatory and compliance assessments to include ISMS, MLPS, GDPR, SOX, NIST CSF, and PCI.
- Develop and implement controls and documentation for all applicable security and/or privacy regulations within the APAC region.
- Coordinate with internal and external auditors to facilitate audits, with the goal of assuring IT and Enterprise compliance and addressing potential issues proactively.
- Guide IT and other Enterprise organizations to successfully achieve required compliance.
- Work with partners and Subject Matter Authorities on deficiency remediation as a result of audit or internal control findings
Risk Management
- Responsible for maintaining the Cybersecurity Risk Register and collaborating with other Risk collaborators throughout the enterprise for inclusion in overall risk reporting.
- Work with business owners of known risks for remediation or compensating controls for policy adherence.
- Facilitate documentation and approval process for Risk Acceptance, in accordance with Cybersecurity policy and applicable frameworks.
- Bachelor's degree or equivalent experience in Information Technology or related field.
- 6+ years of confirmed experience in cybersecurity as a practitioner, with 2+ years in GRC role. Experience working with other compliance driven teams such as Legal, Audit, etc.
- In-depth Knowledge of Relevant Laws and Regulations and other applicable frameworks.
- Knowledge and experience implementing and auditing CIS controls.
- Risk Management Skills: Ability to identify, analyze, and optimally mitigate enterprise risks. Familiarity with risk management frameworks and methodologies.
- Critical Thinking and Leadership: Strong ability to lead and handle the GRC function, develop and complete strategic plans, and guide the organization towards its GRC objectives.
- Communication and Presentation Skills: Excellent written and verbal communication skills, with the ability to present sophisticated GRC issues and strategies clearly to various partners.
- Analytical Skills: Strong ability to analyze sophisticated data, interpret compliance requirements, and develop effective solutions.
- Negotiation and Influencing Skills: Ability to negotiate with, influence, and secure consensus from various partners, both internal and external, to achieve GRC objectives.
- IT Proficiency: Familiarity with the use of GRC technology solutions, as well as a broad understanding of information security principles and standard processes.
- Focus on staying updated with GRC field progress, including shifting laws and standard methodologies in GRC management.
The Company is an Equal Opportunity Employer committed to a diverse and inclusive work environment.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or disability, or any other protected classification.
Job Category: Corporate
- 
					  Security Governance2 weeks ago 
 Gurgaon, Haryana, India Sbi Cards And Payment Services Limited Full time ₹ 12,00,000 - ₹ 36,00,000 per yearDeputy Vice President - Security Governance & Compliance About the company SBI Card is a leading pure-play credit card issuer in India, offering a wide range of credit cards to cater to diverse customer needs. We are constantly innovating to meet the evolving financial needs of our customers, empowering them with digital currency for seamless payment... 
- 
					  Lead Governance, Risk5 days ago 
 Gurgaon, Haryana, India Airtel Full time ₹ 12,00,000 - ₹ 36,00,000 per yearJob Title: Lead Governance, Risk & Compliance (GRC)Location: GurugramJob Type: Full-TimeRole Overview: We are seeking an accomplished Lead – Governance, Risk & Compliance (GRC) to define and drive the security governance, risk management, and compliance strategy across our nationwide telecom operations. This role will oversee compliance across Airtel's... 
- 
					Analyst, Risk and Compliance2 weeks ago 
 Gurgaon, Haryana, India Cvent Full time ₹ 6,00,000 - ₹ 18,00,000 per yearOverviewWe are seeking a proactive, technically skilled AI Risk Analyst to join our Information Security Risk & Compliance team in Gurgaon. Ideal candidates have 1-3 years of experience and will primarily lead and mature Cvent's AI risk assessment program covering model and system risk reviews, data and privacy considerations, and secure enablement of AI use... 
- 
					  Information Security Risk7 days ago 
 Gurgaon, Haryana, India Airtel Full time ₹ 1,80,000 - ₹ 3,00,000 per yearSr. Executive (Information Security Risk & Compliance)Review of policy and procedure with implementation across organization In depth knowledge of risk management with good knowledge of handling external and internal risks Work with cyber risk quantification and integrate with existing risk management process. Should be able to quantify risks and... 
- 
					  Risk And Compliance Manager7 days ago 
 Gurgaon, Haryana, India Autope Payment Solutions Full time ₹ 15,00,000 - ₹ 25,00,000 per yearJob Description Risk / Compliance ManagerCompany: Autope Payment Solution LimitedLocation: GurugramExperience Required: Minimum 5 YearsPosition OverviewThe Risk / Compliance Manager will be responsible for developing, implementing, and maintaining the company's compliance and risk management framework. The role requires a deep understanding of regulatory... 
- 
					  Information Security Risk2 weeks ago 
 Gurgaon, Haryana, India Airtel Full time ₹ 1,20,000 - ₹ 1,80,000 per yearInformation Security Risk Management and Compliance (GRC)Details : JD for Consultant (Information Security Risk & Compliance)POSITION Information Security Risk Management and Compliance (GRC) EXPERIENCE 4-5 Years KEY RESPONSIBILITIES & JOB DESCRIPTIONReview of policy and procedure with implementation across organization In depth knowledge of risk... 
- 
					  Information Security Risk7 days ago 
 Gurgaon, Haryana, India Airtel Full time ₹ 20,00,000 - ₹ 25,00,000 per yearInformation Security Risk Management and Compliance (GRC) JD for Consultant (Information Security Risk & Compliance) KEY RESPONSIBILITIES & JOB DESCRIPTIONReview of policy and procedure with implementation across organization In depth knowledge of risk management with good knowledge of handling external and internal risks Work with cyber risk... 
- 
					Security Compliance And Cloud Intern2 days ago 
 Gurgaon, Haryana, India Noise Full time ₹ 4,00,000 - ₹ 12,00,000 per yearCompany DescriptionNoise is India's number 1 smartwatch brand, dedicated to democratizing the connected lifestyle for Indians. With a focus on consumer-centric innovation, Noise has introduced 9 industry-first innovations in audio and connected technologies. The company emphasizes co-creation and innovation in its products, and values its employees,... 
- 
					Intern - Risk & Compliance2 weeks ago 
 Gurgaon, Haryana, India Cvent Full time ₹ 8,00,000 - ₹ 12,00,000 per yearOverviewCvent is a leading meetings, events, and hospitality technology provider with more than 4,800 employees and ~22,000 customers worldwide, including 53% of the Fortune 500. Founded in 1999, Cvent delivers a comprehensive event marketing and management platform for marketers and event professionals and offers software solutions to hotels, special event... 
- 
					Cyber Risk Security Analyst2 days ago 
 Gurgaon, Haryana, India SAGE Full time ₹ 8,00,000 - ₹ 24,00,000 per yearJob purpose:The purpose of the Cyber Security Risk Analyst is to own the risk assessment lifecycle and lead detailed technical security audits across cloud and om-prem environments. This position will also be responsible for design and execution of IT controls testing, the evaluation of technical controls effectiveness, and for driving remediation with...