We are seeking a motivated and skilled GRC professional to join our team. As a GRC
Analyst, you will be responsible for managing cybersecurity risks, conducting
compliance assessments, and implementing security policies based on industry's best
practices, including ISO 27001 and RBI/SEBI guidelines. This role offers an excellent
opportunity to build and enhance your skills in the rapidly evolving field of cybersecurity
governance, risk management, and compliance.
Key Responsibilities-
- Compliance & Regulatory Oversight: Ensure compliance with applicable laws and
regulations, such as RBI/SEBI cybersecurity guidelines, GDPR, and other local and
international frameworks.
- Risk Management: Assist in conducting risk assessments to identify, evaluate, and
prioritize risks related to information security and business operations.
- Audit Support: Support internal and external audits by preparing documentation,
coordinating audit activities, and ensuring compliance with cybersecurity policies and
standards.
- Cybersecurity Program Management: Work closely with IT, legal, and other
stakeholders to integrate cybersecurity risk management into business processes,
ensuring alignment with organizational goals.
- Policy Development & Training: Contribute to the development of information security
policies, procedures, and guidelines, and assist in delivering training programs to raise
awareness of security best practices across the organization.
- Continuous Improvement: Collaborate with various teams to assess the effectiveness
of existing controls and propose improvements to enhance the organization's
cybersecurity posture.
- Reporting & Documentation: Maintain clear and comprehensive documentation of risk
assessments, compliance activities, audits, and incident reports to provide transparency
to senior leadership and regulatory bodies.
Qualifications-
- 2-5 years of hands-on experience in Governance, Risk, and Compliance (GRC) roles.
- Good understanding of information security principles, controls, and risk management
methodologies, compliance, and audits.
- Hands-on experience implementing two or more standards such as ISO 27001/2,
ISO 27701, SOC2, PCI DSS, NIST standards on Cyber Security, HITRUST, HIPAA,
GDPR etc.
- Strong analytical skills and attention to detail in identifying security vulnerabilities and
assessing compliance gaps.
- Excellent written and verbal communication skills to prepare reports and deliver
presentations.
- Cloud Expertise (AWS/Azure/GCP)
- Security Certifications are preferred.
Role: Security Engineer / Analyst
Industry Type: Financial Services
Department: IT & Information Security
Employment Type: Full Time, Permanent
Role Category: IT Security
Education
UG: Any Graduate
PG: Any Postgraduate