GRC and Security Awareness Analyst

Hyderabad - India

Monthly Salary: Not Disclosed

Posted on: 2 hours ago

Vacancies: 1 Vacancy

Job Summary

This senior-level position will be a key member of our global Cybersecurity team focused on Governance Risk and Compliance (GRC) and Security Awareness for the India office. The role ensures that local operations align with best practice security frameworks (NIST CSF) and internal security standards while driving a strong cyber-aware culture through effective training and engagement.

Key Responsibilities:

Governance Risk & Compliance (GRC):
- Implement and maintain security controls aligned with NIST CSF and internal standards.
- Conduct risk assessments maintain risk registers and monitor control effectiveness.
- Partner with control owners to remediate gaps and report compliance status to leadership.
- Support audits and regulatory requirements relevant to India operations.

Security Awareness & Training:
- Develop and deliver engaging cybersecurity awareness programs for India employees.
- Coordinate phishing simulations track metrics and recommend improvements.
- Tailor training for role-specific needs (e.g. developers finance HR) and ensure annual compliance.
- Act as a local ambassador for global security initiatives and human risk management.
Collaboration & Reporting:
- Work closely with global Cybersecurity leadership and India site management.
- Prepare dashboards and executive-level reports on control effectiveness and awareness program impact.

Qualifications:

Bachelors degree in Computer Science Information Security or related field.
5 years in cybersecurity with at least 3 years in GRC or compliance roles.
Strong knowledge of NIST CSF ISO 27001 and regulatory frameworks.
Experience with GRC tools (e.g. ServiceNow Archer) and security awareness platforms.
Excellent communication skills and ability to influence across cultures.
Ability to deliver work that meets all minimum standards of security quality and operability.

Preferred Skills:

Certifications such as CISM CISSP CRISC or equivalent.
Experience in a multinational environment and familiarity with India-specific compliance requirements.

This senior-level position will be a key member of our global Cybersecurity team focused on Governance Risk and Compliance (GRC) and Security Awareness for the India office. The role ensures that local operations align with best practice security frameworks (NIST CSF) and internal security sta...

Key Responsibilities:

Governance Risk & Compliance (GRC):
- Implement and maintain security controls aligned with NIST CSF and internal standards.
- Conduct risk assessments maintain risk registers and monitor control effectiveness.
- Partner with control owners to remediate gaps and report compliance status to leadership.
- Support audits and regulatory requirements relevant to India operations.

Security Awareness & Training:
- Develop and deliver engaging cybersecurity awareness programs for India employees.
- Coordinate phishing simulations track metrics and recommend improvements.
- Tailor training for role-specific needs (e.g. developers finance HR) and ensure annual compliance.
- Act as a local ambassador for global security initiatives and human risk management.
Collaboration & Reporting:
- Work closely with global Cybersecurity leadership and India site management.
- Prepare dashboards and executive-level reports on control effectiveness and awareness program impact.

Qualifications:

Bachelors degree in Computer Science Information Security or related field.
5 years in cybersecurity with at least 3 years in GRC or compliance roles.
Strong knowledge of NIST CSF ISO 27001 and regulatory frameworks.
Experience with GRC tools (e.g. ServiceNow Archer) and security awareness platforms.
Excellent communication skills and ability to influence across cultures.
Ability to deliver work that meets all minimum standards of security quality and operability.

Preferred Skills:

Certifications such as CISM CISSP CRISC or equivalent.
Experience in a multinational environment and familiarity with India-specific compliance requirements.