Cybersecurity GRC Analyst

We are seeking a skilled Cybersecurity GRC Specialist to lead and strengthen our Governance, Risk, and Compliance initiatives. This role focuses on managing cybersecurity risks, ensuring regulatory compliance, supporting audits, and implementing security frameworks to protect organizational information assets.

Key Responsibilities

• Lead and manage Governance, Risk, and Compliance (GRC) activities across the organization
• Perform cybersecurity risk assessments and maintain enterprise risk registers
• Develop, review, and update information security policies, standards, and procedures
• Ensure compliance with frameworks and regulations such as ISO 27001, SOC 2, GDPR, PCI-DSS, and NIST
• Coordinate and support internal and external security audits
• Track, remediate, and report audit findings and risk treatment plans
• Conduct third-party/vendor risk assessments and due diligence
• Monitor compliance with regulatory, legal, and contractual security requirements
• Collaborate with IT, Legal, and Business teams to implement security controls
• Prepare risk reports, compliance dashboards, and management presentations
• Stay updated with evolving cybersecurity threats, regulations, and best practices

Required Skills & Qualifications

• Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or related field
• 3+ years of experience in cybersecurity GRC, risk management, or compliance
• Strong knowledge of cybersecurity frameworks and standards (ISO 27001, NIST, SOC 2, PCI-DSS, GDPR)
• Experience in conducting risk assessments and audits
• Strong documentation, policy writing, and reporting skills
• Understanding of IT controls, data protection, and security governance
• Excellent communication and stakeholder management skills

Preferred / Good to Have

• Certifications such as ISO 27001 Lead Implementer/Auditor, CISA, CRISC, CISSP (preferred)
• Hands-on experience with GRC tools (ServiceNow GRC, Archer, One Trust, etc.)
• Experience in cloud security compliance (AWS, Azure, GCP)
• Knowledge of data privacy laws and regulatory environments

Job Types: Full-time, Permanent

Pay: ₹25,000.00 - ₹50,000.00 per month

Benefits:

• Provident Fund

Work Location: In person