GRC Analyst / Consultant

Hyderabad, Bangalore, Chennai, Mumbai, Noida, Kolkata and Pune.

NOTE: Candidate interested in WALK-IN DRIVE must apply

Walk-In

**: GRC Analyst / Consultant

ybersecurity risk assessment, Control testing and Compliance audits

4-10yrs & 10+yrs

PAN India

Venue :

Hyderabad

TCS Synergy Park Phase1 ,Premises No 2-56/1/36, Gachibowli, Opposite IIIT Hyderabad Campus, Seri Lingampally, RR District, Hyderabad, Telangana 500019

Bangalore

TCS L-Center, Vydehi RC-1 Block, EPIP Industrial Area, 82, 6th Rd, KIADB Export Promotion Industrial Area, Whitefield, Bengaluru, Karnataka 560066

Chennai

TCS Siruseri ATL Building- 1/G1, SIPCOT IT Park Navalur, Siruseri, Tamil Nadu 603103

Mumbai

TCS OLYMPUS, Hiranandani Estate, Thane West, Thane, Maharashtra 400615

Noida

TCS Yamuna, First floor, Assotech Business Cressterra, VI Plot 22, Sector 135, Noida, Uttar pradesh- 201301

Kolkata

TCS Gitanjali Park | IT/ITES SEZ, Plot-IIF / 3 Action Area-II, New Town, Rajarhat, Kolkata-700156, West Bengal, India

Pune

Tata Consultancy Services, Sahyadri Park SP1, S3 Builiding, Rajiv Gandhi Infotech Park, Hinjewadi Phase 3, Pune – 411057

Technical:

• Security Framework Alignment and Related Controls Testing (NIST, CoBIT, ISO 27001)
• SOX Testing for IT Controls
• IT Compliance audits
• Vendor Risk Assessments
• Contribute to documentation of Information Security Policies, Standards, Processes, and Procedures.
• Manage and perform cybersecurity assessments on emerging/ongoing business initiatives, third-party services
• Evaluate third-party products/services by reviewing standardized questionnaires, evidencing their controls

Non-Technical:

• Analytical thinker
• Collaborative team player
• Eexcellent written and verbal communication
• Capable of bridging the gap between business demands and cybersecurity requirements
• Ability to articulate cybersecurity risks in business terms
• Demonstrable knowledge of information security standards, data security practices and procedures
• Understanding of the impact of various data protection and integrity controls, operating systems and network security controls, authentication controls, and security protocols

Requires demonstrable knowledge of security principles to a diverse range of risk scenarios to coordinate acceptable solutions between business needs,

technology operations, and information security best practices

Good-to-Have

• Familiarity with GRC Tools (RSA Archer, ServiceNow GRC)
• Certifications like CISA, CISSP, CISM, CRISC etc.