Lucknow, Uttar Pradesh
Job Summary
Job Description the role- GRC AnalystGRC (Governance, Risk, and Compliance) Analyst works with process owners, auditors,and stakeholders to analyze, monitor, and address risk management and complianceissues. Responsibilities include administering ISO 27001 and SOC 2 compliance programs,assisting with assessments, and ensuring adherence to SOC2, ISO 27001standards.This role is crucial in protecting the organization’s reputation and ensuring regulatorycompliance. By mitigating risks and preventing breaches, the GRC Analyst enhances ITsecurity and strengthens operational resilience, delivering significant value throughimproved risk management and regulatory alignment.Typical duties and responsibilities1. Conduct risk assessments, validation testing, compliance reviews, and audits inline with ISO or NIST standards.2. Oversee and support SOC 2 and global ISO 27001 audit processes.3. Conduct Internal Audits – implementing and assessing ITGC controls4. Drive the widespread implementation of ISO 27001 standards across theorganization.5. Manage and monitor a central repository for audit evidence.6. Review and update security standards, policies, and practices to meet corporatedemands.7. Share information with managers to avoid surprises, highlight problems, and ensuretimely delivery.8. Develop and maintain a comprehensive GRC framework, ensuring alignment withindustry best practices and regulatory requirements.9. Coordinate with cross-functional teams to identify and mitigate risks associatedwith IT and business processes.10. Provide expert guidance on regulatory changes and emerging security threats,ensuring the organization remains compliant and secure.11. Conduct Information security Awareness sessions and assessments. Required skills and experience• Over 3-5 years of experience in Information Security with a specialized focus on riskmanagement and compliance. This includes more than 3 years of hands-onexperience with ISO 27001 and SOC 2 audits, involving tasks such as developingaudit plans, identifying control gaps, and recommending effective remediationmeasures.• Bachelor’s degree in Information Cybersecurity, Computer Science, , or a relatedfield.• Strong understanding of regulatory requirements, including ISO 27001, SOC 2, NIST,and GDPR, with experience applying these standards in real-world scenarios.• Familiarity with GRC tools, such as Service Now -IRM , OneTrust, or Archer, andexperience with cloud storage disaster recovery processes.• Proven experience in managing risk and compliance projects, includingcoordinating third-party audits, leading audit response initiatives, and developingaudit plans. Responsibilities include identifying control gaps, recommendingremediation measures, and managing the audit process.• Excellent problem-solving skills and attention to detail, with the ability to analyzecomplex issues, develop effective solutions, and communicate findings.• Strong interpersonal and communication skills, essential for collaborating withvarious stakeholders, presenting audit results, and negotiating remediation actions.Nice to have/preferred skills and experience (not required)• ISO 27001 Lead Auditor, CISA, CISM, or CISSP, or working towards thesecertifications.• Critical thinking and analytical skills. This includes evaluating risk factors,interpreting regulatory requirements, and making data-driven decisions to enhancecompliance programs and mitigate potential issues.• Proven ability to effectively convey complex information and regulatoryrequirements to both technical and non-technical stakeholders.• Knowledge of data privacy regulations and best practices, such as GDPR and CCPA.
Key Responsibilities
1. To provide level 1 remote desktop support to resolve tickets /provide hardware / software / network problem diagnosis / resolution via telephone/email/chat within agreed SLA of ticket volume and time.
2. To adhere to quality standards (voice and accent , Tech Monitoring), regulatory requirements and company policies.
3. To ensure positive customer experience and CSAT through First Call Resolution and minimum average handling time ( AHT), rejected resolutions / Reopen Cases.
4. To maintain high login Efficiency (Availability) for customers.
5. To update worklogs and follow shift/ escalation process to escalate complex problem to appropriate support specialists/route problems to 2nd and 3rd level IT support staff as the case be.
6. Work on value adding activities such Knowledge base update & self development.
#body.unify div.unify-button-container .unify-apply-now: focus, #body.unify div.unify-button-container .unify-apply-#body.unify div.unify-button-container .unify-apply-now: focus, #body.unify div.unify-button-container .unify-apply-