Qureos


Job Summary

We are seeking a detail-oriented and analytical IT GRC (Governance, Risk & Compliance) Analyst for an on-site role in Nashik, Maharashtra, to support and enhance our information security program. The ideal candidate will be responsible for managing risk assessments, ensuring regulatory compliance, supporting audits, and maintaining security policies aligned with industry standards and business objectives.

Key Responsibilities

Governance

  • Develop, review, and maintain information security policies, standards, and procedures
  • Align security controls with industry frameworks (e.g., ISO 27001, NIST CSF)
  • Support internal security governance committees
  • Track remediation activities and control effectiveness

Risk Management

  • Conduct enterprise risk assessments and maintain risk registers
  • Perform vendor/third-party risk assessments
  • Facilitate Business Impact Analysis (BIA)
  • Recommend risk mitigation strategies
  • Monitor emerging security risks

Compliance & Audit

  • Ensure compliance with applicable regulations (e.g., GDPR, HIPAA, PCI DSS, SOX)
  • Prepare for internal and external audits
  • Collect and maintain audit evidence documentation
  • Conduct control testing and gap assessments
  • Support certification processes (e.g., ISO 27001)

Required Qualifications

  • Bachelor’s degree in Cybersecurity, Information Technology, or related field
  • 2–5+ years of experience in cybersecurity, risk, or compliance
  • Strong knowledge of risk management methodologies
  • Experience with security frameworks and regulatory requirements
  • Excellent documentation and communication skills

Preferred Certifications

  • CISSP – ISC2
  • CISM / CRISC – ISACA
  • CompTIA Security+ – CompTIA

Technical Skills

  • Understanding of security controls and architectures
  • Familiarity with cloud security principles
  • Knowledge of Identity & Access Management (IAM)
  • Experience with GRC tools (e.g., Archer, ServiceNow, OneTrust)
  • Risk assessment and audit management tools

Travel Requirement

  • Candidate may be required to travel to Dubai for specific projects, client engagements, audits, or compliance activities.
  • Travel may be short-term or project-based, depending on business needs.

Soft Skills

  • Strong analytical and critical thinking skills
  • Ability to communicate risks to technical and non-technical stakeholders
  • Attention to detail
  • Project management skills
  • Ability to work independently and cross-functionally

Work Environment

  • Cross-functional collaboration with IT, Legal, Compliance, and Business Units
  • May support global compliance requirements

Job Type: Full-time

Pay: ₹40,000.00 - ₹50,000.00 per month

Work Location: In person
