GRC Analyst/Senior Analyst- Hyderabad

Job Description: Governance, Risk, and Compliance (GRC) Analyst

Position Title: IT Security Governance, Risk, and Compliance (GRC) Analyst

Department: IT Security

Reports To: Senior Manager, IT Security

Job Type: Full-Time

Role Summary

The Governance, Risk, and Compliance (GRC) Analyst is responsible for supporting the organization’s information security governance, risk, and compliance activities in alignment with ISO/IEC 27001:2022 and SOC 2 Trust Services Criteria.

This role plays a key part in maintaining the Information Security Management System (ISMS), coordinating risk assessments, performing control testing, tracking remediation efforts, and ensuring the organization remains audit-ready at all times.

The GRC Analyst collaborates closely with IT, Security Operations, Legal, Privacy, and Business Units to promote a strong risk and compliance culture across the organization.

Key Responsibilities

1. Governance & ISMS Management

2. Risk Management

3. Compliance & Audit Support

4. Reporting & Continuous Improvement

5. Tool Administration & Documentation

Required Qualifications

Category Requirements

Education Bachelor’s degree in Information Security, Computer Science, Risk Management, or related field. Equivalent work experience may be considered.

Certifications (Preferred) ISO/IEC 27001:2022 Internal Auditor or Lead Implementer, SOC 2 Practitioner, CRISC or CISA.

Experience 2–5 years of experience in GRC, Information Security, or Audit (preferably supporting ISO 27001 or SOC 2).

Framework Knowledge Strong understanding of ISO 27001:2022, SOC 2 Trust Services Criteria, NIST CSF, and risk management principles.

Technical Skills Familiarity with GRC platforms (e.g., ServiceNow GRC, Archer, OneTrust), risk assessment tools, and audit workflows.

Soft Skills Strong analytical and writing skills, attention to detail, ability to communicate complex topics to non-technical stakeholders, and collaborative mindset.

Deloitte’s purpose is to make an impact that matters for our people, clients, and communities. At Deloitte, purpose is synonymous with how we work every day. It defines who we are. Our purpose comes through in our work with clients that enables impact and value in their organizations, as well as through our own investments, commitments, and actions across areas that help drive positive outcomes for our communities.

Our inclusive culture empowers our people to be who they are, contribute their unique perspectives, and make a difference individually and collectively. It enables us to leverage different ideas and perspectives, and bring more creativity and innovation to help solve our clients' most complex challenges. This makes Deloitte one of the most rewarding places to work.

At Deloitte, professionals have the opportunity to work with some of the best and discover what works best for them. Here, we prioritize professional growth, offering diverse learning and networking opportunities to help accelerate careers and enhance leadership skills. Our state-of-the-art DU: The Leadership Center in India, located in Hyderabad, represents a tangible symbol of our commitment to the holistic growth and development of our people. Explore DU: The Leadership Center in India.

At Deloitte, we know that great people make a great organization. Our comprehensive rewards program helps us deliver a distinctly Deloitte experience that helps that empowers our professionals to thrive mentally, physically, and financially—and live their purpose. To support our professionals and their loved ones, we offer a broad range of benefits. Eligibility requirements may be based on role, tenure, type of employment and/ or other criteria. Learn more about what working at Deloitte can mean for you.