GRC Consultant
GRC Consultant
Posted on :
24-04-2024
Employer Active
1 Vacancy
Job Alert
You will be updated with latest job alerts via emailValid email field required
Send jobs
Job Alert
You will be updated with latest job alerts via emailValid email field required
Send jobs
Monthly Salary
Not Disclosed
Salary Not Disclosed
Vacancy
1 Vacancy
Posted on :
24-04-2024
Job Description
Req ID : 2750772
Notes from Hiring Manager
Exp: 5 9 Yrs
Location: Bangalore (Preffer Bangalore candidates)
skills:
ISO 27701 GDPR CCPA PCIDSS HIPAA CISSPHitrust CISM CDPSE ISMS BCMS 27701 PIMS 27017 SOX 404 ITGC ITAC SSAE NIST TPRM SCIT Cloud Concept Cloud Security AWS Must IT Software Drafting policies
On the notes please share this details
Candidate Name:
Current Location:
Hybrid:
Current Organization:
Current Designation:
Overall experience:
GRC experience:
Years of experience in AWS cloud environment:
Years of experience in cloud security/IT security/application security:
Years of experience in any of this (ISO 27701 GDPR CCPA PCIDSS
HIPAA CISSPHitrust CISM CDPSE ISMS BCMS 27701
PIMS 27017 SOX 404 ITGC ITAC SSAE NIST TPRM SCIT):
CTC:
ECTC:
Reason for change:
Offer In hand:
Notice Period:
Roles & Responsibilities
We are transforming the way enterprises communicate and engage with
customers. Fueled by consumer s selfservice demands enterprises are
modernizing customer engagement and experience models. We are fast
becoming the platform of choice for Customer Experience AutomationTM
enabling these enterprises to leapfrog their digital native counterparts and
deliver delightful customer and employee experiences. With cuttingedge
Conversational AI Machine Learning and Intelligent Process Automation
technologies we have enabled Fortune 100 enterprises including some of
the world s most well known brands in healthcare insurance banking and
financial services sectors to automate their customer engagement.
Cloudnative 100% nocode and purely workflowdriven empowers
citizen developers within business operations teams to build AIpowered
fullyautomated and omnichannel experience to digitally transform customer
journeys endtoend.
Role: GRC Consultant
Location: Bangalore
The Role
We are looking for a motivated passionate GRC Consultant. The GRC
Consultant will be working with GRC Director to implement GRC initiatives
and charter for our organization. Implement processes to ensure that protection
compliance & certifications are maintained in the organization in an ongoing
manner. Where necessary the consultant should assist the GRC director to
acquire new certifications & compliances to initiate & support ongoing audits
to mention a few. You will collaborate across various teams and offer support
& guidance to product management customer success & support system
architects engineering development and quality assurance teams.
Responsibilities
Responsible for implementing the GRC charter in order to improve the
overall security & compliance posture of the organization
Work with external security & related disciplines consultants and will be a
part of developing the security mindset of our teams.
Support & nurture regulations such as CCPA GDPR HIPAA HITRUST etc.
Support certification and compliance audit activities e.g. SOC2 HITRUST
ISO 27001 and PCIDSS
Contribute towards organization security focusing on our product & our
corporate security hygiene
Establish policies procedures and guidelines.
Subject matter expert when it comes to security & GRC practices
Continuous alignment and improvement of the GRC processes with various
stakeholders leveraging existing GRC tools in place finding out what more is
required to support our business processes and keep working around overall
security governance risk management and various audits all year around
Qualifications
At least 510 years of experience in IT with a minimum 3 years in security/
GRC
Skills in Cloud Concepts Cloud Security and SaaS Security
Experience working in an AWS cloud environment is a must
Experience in drafting policies procedures and reports
Experience with Security Operations will be an advantage
Must have performed compliance Tasks e.g. involved in assessments risk
management
audits drafting policies procedures and reports
Knowledge of organization accreditation/certifications e.g. SOC2/ ISO
27001/ PCI DSS etc.
Knowledge of different types of frameworks regulations standards and
best practices e.g.
NIST CSF CSA CIS HITRUST etc.
Prior experience using the GRC tool will be an advantage
DevSecOps/ DevOps Skills
Security Testing Knowledge e.g. SAST DAST VAPT etc.
Vulnerability Management Skills
Knowledge of Data Security and Privacy
Knowledge of the Incident Response process
Prior experience of involvement in control implementation will be an
advantage
Knowledge of DR BCP Malware campaign advisory etc.
Knowledge of EDR MDR DLP and any other endpoint protection tool
Knowledge of any automation standardization and templatization skills will
be an advantage
Knowledge of industry regulation on security and privacy e.g. GDPR CCPA
etc.
cissp,27701,security operations,drafting policies,security,industry regulation on security and privacy,cloud security,conversational ai,grc processes,soc2,ssae,cis,hitrust,privacy,it software,security testing,dr,grc practices,malware campaign,vulnerability management,cloud concept,security governance,isms,iso 27001,saas security,devsecops,data security and privacy,mdr,soc2/,gdpr,incident response,grc charter,risk management,cdpse,sast,cism,nist csf,27017,sox 404,scit,intelligent process automation,itac,dast,quality assurance teams,hipaa,27001,pci dss,bcp,iso 27701,iso 27001/,tprm,automation,cloud-native,csa,ccpa,edr,grc tool,devops skills,cloud concepts,nist,dlp,aws,scit cloud concept,devsecops/,templatization,itgc,standardization,machine learning,pims,ai-powered,22301,pci-dss,data security,incident response process,bcms,vapt
Employment Type
Full Time
Key Skills
- Sales Experience
- Direct Sales
- Hyperion
- Financial Services
- Financial Concepts
- Banking
- Oracle EBS
- Securities Law
- Peoplesoft
- Oracle
- Financial Management
- Workday
Report This Job
Disclaimer: Drjobpro.com is only a platform that connects job seekers and employers. Applicants are advised to conduct their own independent research into the credentials of the prospective employer.We always make certain that our clients do not endorse any request for money payments, thus we advise against sharing any personal or bank-related information with any third party. If you suspect fraud or malpractice, please contact us via contact us page.
