GRC Analyst- IT GSO
Hyderabad, TS, IND
2d ago

Our vision is to transform how the world uses information to enrich life. Join an inclusive team passionate about one thing : using their expertise in the relentless pursuit of innovation for customers and partners.

The solutions we build help make everything from virtual reality experiences to breakthroughs in neural networks possible.

We do it all while committing to integrity, sustainability, and giving back to our communities. Because doing so can fuel the very innovation we are pursuing.

The GRC analyst plays an integral part in the development, implementation, and compliance of information risk management across the enterprise.

The analyst is responsible for managing risks related to the use of Information Technology, Information Security, Privacy, Regulatory Compliance and Governance.Responsibilities

  • Serve as a subject matter expert to ensure and monitor compliance with Industry and Government rules and regulations at Enterprise / Region / Site level
  • Conduct gap analysis and implement Frameworks / Standards like ISO 27001, Privacy, GDPR, NIST, SOX
  • Develop and revise Policies, Standards, Processes and Guidelines for the enterprise through Change Management
  • Conduct Vendor Risk Assessments to assess security posture of vendors against organizational security requirements
  • Assess design effectiveness and continually monitor operating effectiveness of controls
  • Track and monitor Risk Treatment plans
  • Overall Governance and Report Risk performance against established enterprise risk metrics
  • Testing of SOX- ITGC controls, monitoring and reporting
  • Conduct technical research to aid in threat assessment or risk mitigation activities
  • Understand the trade-offs required to manage different levels of risk tolerance and risk exposure across the organization and be able to communicate to responsible team members
  • Understand voice of the customer and develops mechanisms to proactively sense adoption and usage patterns of current or emerging consumer technologies so that policy can align with need
  • Coordinate with technology and business groups to assess, implement, and monitor IT-related security risks / hazards
  • Advise business-led technology projects on IT risk awareness and standards compliance
  • Education

  • Bachelor’s Degree in Computer Science / Management Information Systems / Business Administration
  • Related field of study
  • Experience : 4-7 yearsAnalyzing and applying Information Security, Risk Management, and Privacy practices or Policies for minimum of 5 years of experience in the following :

  • IT business process knowledge and acumen
  • Strategy definition or program management preferred
  • IT Business liaison role
  • Experience of working on GRC tools like ServiceNow / Archer / MetricStream
  • Risk Analytics experience within finance and / or IT
  • Threat, Vulnerability, Business Continuity, and Risk Assessment
  • National and International Regulatory Compliances and Frameworks such as NIST Cyber Security Framework, ISO, SOX, EU DPD, HIPAA, PCI DSS
  • CRISC, CISA or CISSP Certifications preferred
  • Preferred skills in SharePoint and reporting services
  • In depth knowledge of IT Security Management risk practices
  • Soft skills requirements

  • Ability to define and communicate risk in business-relevant language
  • Excellent verbal and written communication skills
  • Ability to react to high pressure dynamic changing environments
  • Ability to communicate IT risk concepts to non-technical people
  • Strong problem solving and analytical skills
  • Report this job

    Thank you for reporting this job!

    Your feedback will help us improve the quality of our services.

    My Email
    By clicking on "Continue", I give neuvoo consent to process my data and to send me email alerts, as detailed in neuvoo's Privacy Policy . I may withdraw my consent or unsubscribe at any time.
    Application form