GRC Analyst – InfoSec

Total positions – 2

Experience 4+ Years in same field.

Job Description:

Key Responsibilities:

  • Perform periodic audits to ensure required policy, regulatory controls, and information security best practices are being followed and documented.
  • Apply knowledge of risk areas and key regulations to influence audit scope.
  • Work with process and control owners to communicate audit results, identify remediation options, recommend appropriate and pragmatic solutions to control issues, and prioritize action plans.
  • Work with key business units to drive the adoption, design, implementation, operation, and remediation of control activities and other supporting requirements like policies, standards, processes, system configurations and reporting
  • Follow up on audit findings to ensure that all deficiencies are remediated timely.
  • Coordinate audit-related tasks to ensure the readiness for audit testing with both internal personnel and external auditors.
  • Contribute to the development of audit process improvements.
  • Pro-actively develop automated routines to help audit efficiency.
  • Working knowledge of GRC tools like Archer.
  • Assist and advance the SOC 2 compliance accreditation.
  • Audit scope could also include internal security policies, NIST-CSF, GDPR, ISO/IEC 27001, CIS recommendations, SDLC, etc.
  • Assist with the creation and maintenance of policies, control specifications, and compliance auditing.
  • Respond to customers’ attestation requests.

Experience:

  • Bachelor’s or Master’s degree in a computer or information security field.
  • 4 or more years of prior work experience in GRC, information security compliance, in a SaaS environment.
  • Strong organization and communication skills
  • Relentless attention to detail
  • Prior work experience in Governance Risk and Compliance or information security.
  • Certified Information Systems Auditor (CISA), Certified Internal Auditor (CIA), or other relevant IT/IS audit certification.
  • Experience with ISO/IEC 27001 and SOX framework.
  • Data analysis techniques, including security log analysis.
Job Type: Full-time
Job Location: Vadodara
Designation: GRC Analyst
Positions: 2
Required joining date: As soon as possible
Compensation: Best in the Industry
Work Experience: 3+ years

Apply for this position

Allowed Type(s): .pdf, .doc, .docx, .rtf
Back to top of page