Job Description
We are seeking a motivated and skilled GRC Analyst to join our team at AuthenticOne. As a GRC Analyst, you will be responsible for managing cybersecurity risks, conducting compliance assessments, and implementing security policies based on industry best practices, including ISO 27001 and RBI/SEBI guidelines. This is an excellent opportunity to build and enhance your skills in the rapidly evolving field of cybersecurity governance, risk management, and compliance.
Responsibilities:
- Compliance & Regulatory Oversight: Ensure compliance with applicable laws and regulations, such as RBI/SEBI cybersecurity guidelines, GDPR, and other local and international frameworks.
- Risk Management: Assist in conducting risk assessments to identify, evaluate, and prioritize risks related to information security and business operations.
- Audit Support: Support internal and external audits by preparing documentation, coordinating audit activities, and ensuring compliance with cybersecurity policies and standards.
- Cybersecurity Program Management: Collaborate with IT, legal, and other stakeholders to integrate cybersecurity risk management into business processes, ensuring alignment with organizational goals.
- Policy Development & Training: Contribute to the development of information security policies, procedures, and guidelines, and assist in delivering training programs to raise awareness of security best practices across the organization.
- Continuous Improvement: Work with various teams to assess the effectiveness of existing controls and propose improvements to enhance the organization’s cybersecurity posture.
- Reporting & Documentation: Maintain clear and comprehensive documentation of risk assessments, compliance activities, audits, and incident reports.
Job Requirements
• 2-5 years of hands-on experience in Governance, Risk, and Compliance (GRC) roles.
• Good understanding of information security principles, controls, and risk management methodologies.
• Hands-on experience implementing standards such as ISO 27001/2, ISO27701, SOC2, PCI DSS, NIST, HITRUST, HIPAA, and GDPR.
• Strong analytical skills and attention to detail in identifying security vulnerabilities and assessing compliance gaps.
• Excellent written and verbal communication skills to prepare reports and deliver presentations.
• Ability to collaborate effectively with cross-functional teams.
• Certifications such as ISO 27001 Lead Auditor, CISA, or similar are preferred.
Preferred Qualifications
• Previous experience with cybersecurity frameworks and regulations.
• Ability to work independently and in a team setting.
About the Company
AuthenticOne is a leading cybersecurity firm focused on delivering top-notch solutions in governance, risk management, and compliance. We assist clients across diverse industries to ensure robust cybersecurity practices and regulatory compliance. Join our team and make a meaningful impact on organizational cybersecurity defenses.