Gautam Buddha Nagar, Uttar Pradesh
Job Summary
We are seeking an experienced and strategic Cloud Security GRC Consultant to lead and govern Governance, Risk, and Compliance (GRC) initiatives for our enterprise customers. In this role, you will act as a trusted advisor, helping clients navigate the complexities of cloud security frameworks, data privacy laws, and industry regulations. You will bridge the gap between technical security controls and business objectives to protect customer assets and build trust
Customer & Stakeholder Management ·
Serve as the primary subject matter expert (SME) on cloud security, governance, and compliance frameworks during client-facing engagements. · Lead customer workshops, conduct maturity assessments, and present risk mitigation strategies to client leadership and stakeholders. · Assist clients in responding to customer security questionnaires, RFP compliance sections, and enterprise third-party due diligence requests.
Cloud Security Governance & Risk Management · Evaluate, design, and govern cloud security controls, policies, and standards across major platforms (e.g., AWS, Microsoft Azure, Google Cloud). · Help clients adopt and integrate Compliance & Risk Frameworks (e.g., ISO 27001, SOC 2, NIST CSF, HIPAA, or GDPR) for specific cloud deployments. · Perform cloud risk assessments utilizing frameworks like CSA CCM, CIS Benchmarks, and NIST SP 800-53. · Monitor Cloud Security Posture Management (CSPM) outputs, triage critical findings, and collaborate with customer DevSecOps teams to enforce remediation SLAs. · Advise customers on shared responsibility models across leading cloud providers (AWS, Microsoft Azure, Google Cloud). · Identify information security threats, evaluate their impact on client cloud infrastructure, and develop risk treatment plans.
Compliance & Audit Readiness · Lead end-to-end certification and compliance programs for standards such as ISO 27001, SOC 2 Type II, PCI DSS, and HIPAA. · Act as the primary liaison between the customer and external certification auditors, managing evidence collection and non-conformity resolution. · Conduct gap analyses and internal audits against client security requirements. · Review third-party cloud service provider audit reports (e.g., SOC 2, ISO 27001) to provide assurance to clients during onboarding. · Knowledge and experience in Sovereign cloud compliance advisory and readiness related engagements.
KNOWLEDGE and SKILLS · Hands-on experience with industry frameworks such as ISO 27001,
SOC 2, NIST, or CIS benchmarks. ·
Foundational understanding of cloud architecture and security controls (Identity & Access Management, Data Encryption, and Cloud Security Posture Management - CSPM). Hands-on experience implementing security controls or governing GRC in AWS, Azure, or Google Cloud environments · Exceptional verbal and written communication skills to articulate complex security risks to non-technical business leaders ·
Familiarity with modern eGRC and automation platforms (e.g., ServiceNow GRC, RSA Archer, OneTrust, Security Command Center). ·
Should be able to travel on short as well as long term engagements
CERTIFICATIONS
PREFERRED CISA, CRISC, CISM, CISSP, or cloud-specific security certifications (e.g., AWS Certified S
Key Responsibilities
1. Act As A Subject Matter Expert wherever required. Mentor the Junior Analysts to improve their Performance Through Feedback And Coaching. Build Product Expertise On A Large Quantity Of Diverse Products Through Thorough Research And Analysis Of Data From Multiple Channels. Provide Value Add To Business Process / Application Improvement Through Research And Analysis
2. Prepare And Develop Documentation For Tools And Project Processes To Support The Lead Trainer And Team Lead. Define Deliverables And Measures For The Project. Track Metrics At And Engagement And Individual Level And Monitor Timelines / Milestones
3. Prepare Periodic Report. Escalate And Solve Challenges With Respect To Projects In Coordination With Internal/External Stake Holders
4. Oversee A Small Group Of Project Team Who Are Responsible To Optimize Work Allocation To Maximize And Balance The Broad Set Of Goals Defined By The Team Leads
Skill Requirements
1. Expert proficiency in SoC architecture and design, with in-depth knowledge of Verilog and UVM for digital verification.
2. Excellent understanding of C and C++ development as applied to embedded systems and SoC integration.
3. Strong familiarity with RTL design, simulation tools (e.g., Synopsys VCS, Cadence), and advanced verification methodologies.
4. Advanced proficiency in developing and reviewing testbench architectures using UVM.
5. Solid experience in mentoring technical teams and driving best practices in SoC development.
Other Requirements
1. Recommended: Certified Verification Engineer (CVE) â UVM (Optional but valuable)
2. Recommended: IEEE Certified SoC Design Professional (Optional but valuable)
#body.unify div.unify-button-container .unify-apply-now: focus, #body.unify div.unify-button-container .unify-apply-#body.unify div.unify-button-container .unify-apply-now: focus, #body.unify div.unify-button-container .unify-apply-