Governance, Risk, and Compliance (GRC) Analyst PURVIEW

10.0 - 14.0 years

0 Lacs

telangana

On-site

As an experienced professional in Governance, Risk, and Compliance, you will be responsible for developing and maintaining information security policies in alignment with organizational goals and regulatory frameworks. Your role will involve coordinating annual reviews and obtaining executive approval to ensure policies remain relevant across various domains such as access control and secure software development. In this position, you will design and implement IT Service Management workflows and runbooks to enhance operational efficiency and promote cross-functional alignment. Additionally, you will conduct scheduled vulnerability scans and comprehensive risk assessments, leveraging AI-driven tools for automated documentation retrieval and issue tracking to support rapid response and proactive risk mitigation. Utilizing the FAIR (Factor Analysis of Information Risk) model, you will perform quantitative risk assessments and collaborate with managed advisory services to address complex governance and compliance challenges. Ensuring ongoing adherence to industry frameworks such as the NIST Cybersecurity Framework and CIS Controls will be a key aspect of your responsibilities, including implementing best practices in data encryption, business continuity, and disaster recovery planning. Furthermore, you will be involved in developing service-management metrics, continual improvement roadmaps, and establishing robust processes for production testing, release management, and lifecycle compliance. Your expertise will be crucial in advising on and implementing frameworks to strengthen corporate governance and provide effective compliance oversight across business units. To excel in this role, you should have a minimum of 10 years of experience in Governance, Risk, and Compliance roles, with proven expertise in policy development, control mapping, and executive communication. Strong cross-functional experience, especially in cybersecurity, automation, and cloud environments, will be essential. Demonstrated success in leading vulnerability scanning, enterprise risk assessments, and a deep understanding of FAIR risk management methodologies are required. You should possess in-depth knowledge of NIST CSF and CIS standards, as well as hands-on experience in data encryption, business continuity planning, and disaster recovery. Proficiency in designing service-management metrics, improvement roadmaps, and production/release processes is necessary. Excellent written and verbal communication skills, along with the ability to engage stakeholders at all organizational levels, are key qualities for this role. Please note that this position requires support in the US Eastern Time (ET) zone and does not involve rotational shifts.,

Posted 3 days ago

Apply

Enterprise Risk Management Professional WORKINGBEES GLOBAL PRIVATE LIMITED

5.0 - 7.0 years

10 - 14 Lacs

Hyderabad

Work from Office

We are seeking an experienced Enterprise Risk Management professional with 5+ years of internal risk management experience, specifically in enterprise environments The ideal candidate must have hands-on experience with FAIR (Factor Analysis of Information Risk) methodology to quantify and manage cyber and information risk effectively This role focuses on core risk management and risk quantification and excludes third-party risk, audit, or compliance functions Key responsibilities include implementing and refining the FAIR model, supporting enterprise-wide risk analysis efforts, and collaborating with cross-functional teams to improve decision-making around information risk

Posted 2 weeks ago

Apply

Start Your Job Search Today

Browse through a variety of job opportunities tailored to your skills and preferences. Filter by location, experience, salary, and more to find your perfect fit.