4–12 Years
About the Role
We are looking for an experienced Governance, Risk and Compliance (GRC) Specialist who can independently assess organizations against multiple global compliance frameworks and assist customers in becoming audit-ready.
The ideal candidate should have experience with both IT and non-IT organizations.
Responsibilities
- Perform compliance assessments
- Conduct GAP Analysis
- Review organizational policies
- Review SOPs
- Review HR processes
- Review legal agreements
- Verify technical controls
- Verify operational controls
- Prepare risk assessments
- Review vendor management
- Review asset management
- Review business continuity
- Conduct internal audits
- Support external audits
- Prepare evidence requirements
- Build compliance roadmaps
- Help customers achieve certification
- Collaborate with product teams to automate controls
Must Have ExpertiseInformation Security
- ISO 27001
- ISO 27701
- SOC 2
- GDPR
- DPDP Act
- HIPAA
- PCI DSS
- CIS Controls
- NIST CSF
- NIST 800-53
- TISAX (preferred)
Privacy
- GDPR
- DPDP
- HIPAA
- Privacy by Design
- Data Classification
- Data Retention
- Cross-border data transfer
Risk Management
- Enterprise Risk Management
- Vendor Risk
- Third-party Risk
- Business Continuity
- Incident Response
- Risk Register
- Control Mapping
Non-Technical Compliance
- HR Policies
- Employee Lifecycle
- Procurement
- Finance Controls
- Legal Documentation
- Vendor Contracts
- Physical Security
- Visitor Management
- Asset Register
Technical Compliance
Should understand and verify:
- IAM
- MFA
- Cloud Security
- Firewall
- Encryption
- Logging
- Monitoring
- Backup
- Endpoint Security
- Vulnerability Management
- Patch Management
- Access Reviews
- Cloud Infrastructure
- Network Security
Preferred Certifications
- ISO 27001 Lead Auditor
- ISO 27001 Lead Implementer
- CISA
- CISSP
- CISM
- CDPSE
- CRISC
- CCSK
Pay: ₹600,000.00 - ₹2,000,000.00 per year
Benefits:
- Health insurance
- Life insurance
- Provident Fund
Work Location: In person