Governance Risk And Compliance (grc)

Year    Lower Parel, Mumbai, Maharashtra, India

Job Description


BE / BTech / MCA / Graduation in science stream

CISA, CISM, ISO 27001 certification, desired

Experience: 3 to 11 yrs

Information Security Management Vulnerability Management ISO | Security Planning IT Security Management Security Services Project Management Log Analysis Risk Compliance | Risk Advisory

Duties and responsibilities –
  • Implements security controls, risk assessment framework, and program that align to regulatory requirements, ensuring documented and sustainable compliance that aligns with business objectives.
  • Implements processes, such as GRC (governance, risk and compliance), to automate and continuously monitor information security controls, exceptions, risks, and testing. Develops reporting metrics, dashboards, and evidence artifacts.
  • Evaluates risks and develops security standards, procedures, and controls to manage risks. Improves the firm's security positioning through process improvement, policy, automation, and the continuous evolution of capabilities.
  • Defines and documents business process responsibilities and ownership of the controls in GRC tool. Schedules regular assessments and testing of effectiveness and efficiency of controls and creates GRC reports.
  • Updates security controls and provides support to all stakeholders on security controls covering internal assessments, regulations, protecting personal and client data assets.
  • Performs and investigates internal and external information security risk and exceptions assessments. Assesses incidents, vulnerability management, scans, patching status, secure baselines, penetration test results, phishing, and social engineering tests and attacks.
  • Documents and reports control failures and gaps to stakeholders. Provides remediation guidance and prepares management reports to track remediation activities.
  • Assists other staff in the management and oversight of security program functions.
  • Trains, guides, and acts as a resource on security assessment functions to other departments within the firm.
  • Remains current on best practices and technological advancements and acts as the firm's resource for security assessment and regulatory compliance.
Knowledge of –
  • Applicable information security certification, management, governance, and compliance principles, practices, laws, rules, and regulations
  • Information technology systems and processes, network infrastructure, data architecture, data processes, and protocols
  • Cyber and cloud security standard frameworks, architecture, design, operations, controls, technology, solutions, and service orchestration
  • Information systems auditing, monitoring, controlling, and assessment process
  • Risk assessment, Incident response and management methodology.
Skills in –
  • Developing and implementing enterprise governance, risk, and compliance strategy and solutions
  • Researching and locating information related to internal and external organizations using online and other sources
  • Security project management and planning while maintaining confidentiality
  • Working with retainers, staff, consultants, and third-party providers of diverse academic, cultural, and ethnic backgrounds
Ability to –
  • Work independently and prioritize multiple tasks and adapt to needed changes
  • Effectively communicate technical issues to diverse audiences, both in writing and verbally
  • Apply a risk-based approach to planning, executing, and reporting on audit engagements and auditing process
  • Evaluate and update and/or revise program materials. Handle sensitive and confidential matters, situations, and data. Understand and follow broad and complex instructions
  • Interact positively with users, firm management, vendor, and regulatory agencies in order to enhance effectiveness and to promote quality service
  • Comprehend technical language and confer, analyze, and write in an objective, lucid manner. Remain calm under high-pressure or difficult situations.
Job Types: Full-time, Permanent
Pay: 552,274.28 - 1,500,000.00 per year
Schedule:
  • Day shift
  • Monday to Friday
  • Morning shift
Ability to commute/relocate:
  • Lower Parel, Mumbai, Maharashtra: Reliably commute or planning to relocate before starting work (Required)
Application Question(s):
  • Current and Expected CTC?
  • Notice period left in days (if serving, mention last working date)?
  • Current Location?
Experience:
  • Total work: 1 year (Preferred)
  • Governance Risk & Compliance: 1 year (Preferred)
  • GRC: 1 year (Preferred)
  • ISO 27001: 1 year (Preferred)
License/Certification:
  • ISO 27001 (Preferred)
Location:
  • Lower Parel, Mumbai, Maharashtra (Preferred)
Shift availability:
  • Day Shift (Preferred)
  • Night Shift (Preferred)
  • Overnight Shift (Preferred)
Willingness to travel:
  • 50% (Preferred)
Work Location: In person

Beware of fraud agents! Do not pay money to get a job.

MNCJobsIndia.com will not be responsible for any payment made to a third-party. All Terms of Use are applicable.


Job Detail

  • Job Id
    JD3283285
  • Industry
    Not mentioned
  • Total Positions
    1
  • Job Type:
    Full Time
  • Salary:
    Not mentioned
  • Employment Status
    Permanent
  • Job Location
    Lower Parel, Mumbai, Maharashtra, India
  • Education
    Not mentioned
  • Experience
    Year