Job Overview
Fourth Command is looking for a Junior IT Security Analyst (GRC) to join its team in a full-time role focused on governance, risk, and compliance activities. This position is ideal for a fresher or early-career candidate who wants to build a career in cybersecurity with practical exposure to GRC platform management, risk assessment, standards mapping, workflow support, API integration coordination, and security documentation.
The selected candidate will support day-to-day GRC operations by helping manage platform activities, organizing compliance and risk-related information, assisting in workflow configuration, supporting documentation, and working with internal stakeholders on security and governance requirements. GRC roles commonly act as the bridge between business processes and security requirements by helping organizations manage risk, maintain compliance, and improve governance practices.
This role is best suited for someone who has a strong interest in cybersecurity governance, attention to detail, and the willingness to learn how security standards, policies, controls, and technology platforms work together in an organizational environment. The role also requires a basic technical mindset, including familiarity with coding concepts and support for platform-related integrations and process automation.
Key Responsibilities
- Support the day-to-day management and administration of GRC platforms, including maintaining records, updating entries, supporting modules, and helping users navigate platform-related tasks.
- Assist in conducting risk assessments by identifying risks, documenting observations, tracking remediation items, and supporting the preparation of risk registers and related reports.
- Help map security controls, policies, and internal processes against applicable cybersecurity standards and frameworks.
- Support the documentation and maintenance of major global cybersecurity standards and compliance requirements relevant to the organization, such as:
- ISO/IEC 27001
- NIST Cybersecurity Framework (NIST CSF)
- SOC 2
- PCI DSS
- GDPR
- HIPAA
- CIS Controls
- Assist with API integration-related coordination for GRC or related platforms by supporting technical discussions, documenting integration requirements, validating data flow expectations, and working with technical teams where needed.
- Support workflow creation, updates, testing, and monitoring within the platform to improve process efficiency and task tracking.
- Provide platform support to internal users by helping troubleshoot basic issues, following up on platform tasks, and ensuring smooth day-to-day usage.
- Prepare, maintain, and organize GRC-related documentation, including policies, procedures, process notes, evidence records, user guides, control documentation, and audit support material.
- Assist with audit and assessment readiness activities by organizing evidence, maintaining repositories, and supporting follow-up actions on observations and findings.
- Coordinate with internal teams to ensure risks, controls, workflow requirements, and documentation needs are properly tracked and updated.
- Support ongoing improvement of governance and compliance processes through structured reporting, documentation quality, and process discipline.
Required Qualifications and Skills
- Fresher candidates can apply.
- Bachelor’s degree required in:
- BSc (IT)
- BSc (Cyber Security)
- BSc (Computer Science)
- BCA
- Candidate must have a minimum academic qualification of above 7.0 CGPA in their qualifying degree.
- Good understanding or academic exposure to cybersecurity, information security, governance, risk, or compliance concepts is preferred.
- Basic awareness of major global cybersecurity standards and frameworks is required, especially ISO/IEC 27001, NIST CSF, SOC 2, PCI DSS, GDPR, HIPAA, and CIS Controls.
- Understanding of risk assessment concepts, control documentation, and process-based security work is preferred.
- Basic knowledge of GRC platforms, compliance tools, ticketing systems, or workflow-based platforms will be an advantage.
- Basic coding knowledge is required, with familiarity in technologies such as Python, React, Node.js, or similar tools useful for platform support, automation, integrations, and technical coordination.
- Understanding of APIs, system integration basics, and data flow concepts will be beneficial for this role.
- Good documentation skills are essential, as the role involves preparing and maintaining process documents, policies, records, and support material.
- Strong written and verbal communication skills are important for working with internal teams and supporting compliance-related coordination.
- Good analytical thinking, attention to detail, and willingness to learn are important for success in a GRC-focused role.
Working Model
This is a full-time role with Fourth Command and is suitable for candidates who are comfortable working in a structured professional environment with process-driven responsibilities. The role may involve regular coordination with internal stakeholders, platform users, technical teams, and compliance-related functions.
The position is best suited for candidates who are interested in long-term growth in cybersecurity governance, risk management, compliance operations, and platform-based security process management. Consistency, discipline, and comfort with documentation-heavy and process-oriented work will be important in this role.
Mindset and Commitment
Fourth Command is looking for a candidate who is sincere, detail-oriented, and genuinely interested in building a career in cybersecurity with a governance and risk focus. Since this is a junior role, the company will value learning attitude, accountability, and willingness to work patiently on structured tasks such as documentation, risk tracking, platform updates, and workflow support.
The ideal candidate should be proactive, organized, and capable of balancing technical understanding with process discipline. A strong sense of ownership, professional communication, and readiness to learn both business and security requirements will be important for long-term success in this role.
This position is well suited for someone who wants to grow in the GRC domain by gaining hands-on exposure to cybersecurity standards, risk assessment, platform management, workflow support, integrations, and security documentation in a professional consulting environment.
Job Type: Full-time
Pay: ₹300,000.00 - ₹800,000.00 per year
Work Location: In person
