Key Responsibilities
- Assist in implementing and maintaining GRC frameworks and processes
- Support DPDP compliance initiatives, including data mapping and consent requirements
- Conduct risk assessments and maintain risk registers
- Perform Privacy Impact Assessments (PIA/DPIA)
- Review and update policies, SOPs, and compliance documentation
- Support internal audits and compliance checks
- Assist in third-party/vendor risk assessments (TPRM)
- Monitor compliance with regulations such as DPDP, GDPR, ISO 27001
- Track and report compliance gaps and remediation actions
- Assist in incident and data breach response documentation
- Maintain proper documentation and evidence for audits
Required Skills & Competencies
- Basic understanding of GRC principles
- Knowledge of DPDP Act, 2023
- Understanding of privacy and data protection concepts
- Familiarity with risk management and compliance processes
- Strong documentation and analytical skills
- Good communication and stakeholder coordination
- Ability to work independently and in teams
Technical Knowledge
- Risk assessment methodologies
- Data classification and data mapping
- Compliance frameworks (ISO 27001, NIST, SOC 2 – basic knowledge)
- Privacy concepts (PII, consent, data subject rights)
- Basic knowledge of GRC tools (optional)
Qualifications
- Bachelor’s degree in IT, Cyber security, Law, or related field
- 1–2 years of relevant experience in GRC / Compliance / Privacy
Job Types: Full-time, Permanent
Pay: ₹20,000.00 - ₹25,000.00 per month
Work Location: In person
