507 Grc Jobs - Page 21

ANZEN Technologies Private Limited. stands as an unparalleled powerhouse, empowering organizations across industries with our visionary services, cutting-edge solutions, and ground-breaking services in the realm of Cyber Security, IT Governance, Risk Management, and Compliance. As your trusted partner, we offer a comprehensive suite of End-to-End security services and consultancy, tailored to safeguard critical infrastructure installations, elevate the standards of BFSI, eCommerce, IT/ITES, Pharmaceuticals, and an array of other sectors. Qualifications: 1. B.E / MSc in Information Technology, Computer Science or related field. 2. Basics understanding of fundamental concepts in GRC, Cybersecurity, Networking and Information Security. 3. Good communication & documentation skills. Candidate should possess basic knowledge of following standards: 1. ISO 27001:2022 (ISMS) 2. DPDP Act. 2023 Certification: (Optional): 1. ISO 27001 LA or LI 2. Any course/training related to cybersecurity Internship Duration - 6 months Office Address : ANZEN Technologies Private Limited Akshar Business Park, H - 3025, 3rd Floor, Plot No. 3, Sector-25, Vashi, Navi Mumbai 400703 https://anzentech.com Immediate Joiner may apply and come for Interview

ANZEN Technologies Private Limited. stands as an unparalleled powerhouse, empowering organizations across industries with our visionary services, cutting-edge solutions, and ground-breaking services in the realm of Cyber Security, IT Governance, Risk Management, and Compliance. As your trusted partner, we offer a comprehensive suite of End-to-End security services and consultancy, tailored to safeguard critical infrastructure installations, elevate the standards of BFSI, eCommerce, IT/ITES, Pharmaceuticals, and an array of other sectors. Position : Senior Associate Consultant Key Responsibilities: GRC Strategy and Planning: Develop and implement comprehensive GRC strategies, policies, and procedures aligned with organizational goals and objectives. Define and prioritize GRC initiatives based on risk assessments, regulatory requirements, and industry best practices. Continuously evaluate and update GRC frameworks to adapt to evolving threats and compliance landscapes. Risk Management: Conduct risk assessments to identify, analyze, and prioritize risks across the organization. Develop risk mitigation strategies and controls to address identified risks effectively. Monitor and report on risk exposure and mitigation efforts to senior management and stakeholders. Compliance Management: Ensure compliance with relevant laws, regulations, and industry standards, such as GDPR, HIPAA, PCI DSS, etc. Monitor changes in regulatory requirements (SEBI, RBI, IRDAI etc) and assess their impact on the organization's compliance posture. Coordinate compliance audits, assessments, and certifications, and remediate any identified issues or deficiencies. Audit Management: Plan, coordinate, and oversee internal and external audit activities, including IT audits, compliance audits, and third-party audits. Develop audit plans, programs, and testing procedures to assess the effectiveness of controls and compliance with policies and regulations. Review audit findings, assess control deficiencies, and collaborate with stakeholders to develop and implement remediation plans. Monitor and track the progress of audit remediation efforts and report on the status to senior management and audit committees. Policy Development and Enforcement: Develop, review, and update information security policies, standards, and guidelines in alignment with regulatory requirements and industry best practices. Establish mechanisms for policy enforcement and monitor adherence to policies across the organization. Cross-Functional Collaboration: Collaborate with internal stakeholders, including IT, legal, finance, and operations, to integrate GRC principles into business processes and initiatives. Provide guidance and support to business units on GRC-related matters, including risk assessments, compliance requirements, and controls implementation. Training and Awareness: Develop and deliver GRC training programs and awareness campaigns to educate employees on their roles and responsibilities in maintaining compliance and managing risks. Foster a culture of compliance and risk awareness throughout the organization. Qualifications and Skills: Bachelor's degree in Information Security, Risk Management, Business Administration, or related field. Masters degree or relevant certifications (e.g., CISA, CISSP, CRISC, CISM) preferred. Minimum of 5 years of experience in governance, risk, and compliance roles, with a focus on information security and IT risk management, including audit management experience. Strong understanding of regulatory requirements and industry standards related to information security and data privacy (e.g., GDPR, HIPAA, ISO 27001). Proficiency in audit methodologies, risk assessment frameworks, compliance frameworks, and control frameworks (e.g., NIST Cybersecurity Framework, COBIT, ITIL). Excellent analytical, problem-solving, and decision-making skills. Effective communication and interpersonal skills, with the ability to collaborate with diverse stakeholders and influence change. Proven track record of leading GRC initiatives, conducting audits, and driving process improvements. Ability to work independently and manage multiple priorities in a fast-paced environment. Office Address : ANZEN Technologies Private Limited Akshar Business Park, H - 3025, 3rd Floor, Plot No. 3, Sector-25, Vashi, Navi Mumbai 400703 https://anzentech.com Immediate Joiner may apply

ANZEN Technologies Private Limited. stands as an unparalleled powerhouse, empowering organizations across industries with our visionary services, cutting-edge solutions, and ground-breaking services in the realm of Cyber Security, IT Governance, Risk Management, and Compliance. As your trusted partner, we offer a comprehensive suite of End-to-End security services and consultancy, tailored to safeguard critical infrastructure installations, elevate the standards of BFSI, eCommerce, IT/ITES, Pharmaceuticals, and an array of other sectors. Position : Analyst - GRC Key Responsibilities: * Track and ensure adequate and timely resolution to all audit and risk assessment findings or issues relating to information security, and never miss a deadline. * Effectively and appropriately communicate audit engagement reports and recommendations to client management and resolve any client concerns or questions. * Ensure 100% certification success rate on ISMS projects. * Grow into a role with increasing responsibility. * Significant experience leading information security audits with a preference for IS0 27001 and SOC 2 audits or assessments. * Experience in leading or knowledge with implementations. * Experience authoring policies and procedures. * Significant experience working as a consultant working in a consulting firm * Significant knowledge of ISO 27001/2 and its derivatives (e.g., HITRUST, Shared Assessment) as much of our consulting and collaboration is around an ISO 27001 Information Security Management System. * Solid knowledge of the NIST 800-171/FISMA framework and is derivatives (e.g., Fed RAMP, CMS Information Security Program) as many of our clients serve government customers. * Enough Information Technology and Information Security experience to contextualize and make their recommendations relevant and valuable. * Experience and knowledge with Governance, Risk Management and Compliance. * Experience with the myriad of regulatory compliance frameworks our client base is subject to (e.g., HIPAA, PII, PCI-DSS, SOX, STARS, NERC-CIP). * Certifications that demonstrate to our clients our commitment to excellence in our craft (e.g., ISO 27001 Lead Implementer, CISA, CISSP, ISO 27001 Lead Auditor, MCSE, CEH, OSCP). * Familiarity with related standards (e.g., SSAE-16 SOC1, SOC2, ISO-22301, ISO-9001). Qualifications & Certifications : Graduated from IT Stream Experience: Candidate with 1 to 2 Years of experience. Excellent communication and interpersonal skills. Technical proficency is must Ability to work in a fast-paced environment Preferred Skills & Location Experience in Cybersecurity, IT Industry from Navi Mumbai Office Address : ANZEN Technologies Private Limited Akshar Business Park, H - 3025, 3rd Floor, Plot No. 3, Sector-25, Vashi, Navi Mumbai 400703 https://anzentech.com Immediate Joiner may apply for this position

Key Responsibilities Client Support & Advisory Act as a primary compliance advisor to assigned clients, ensuring they understand and implement relevant regulatory obligations using the Lawrbit platform. Interpret and translate jurisdiction-specific laws and regulations into actionable compliance requirements. Assist clients in setting up regulatory and compliance calendars. Conduct regular compliance reviews to ensure all mapped obligations are up to date and properly tracked. Platform Implementation & Configuration Guide clients through initial setup and ongoing configuration of the Lawrbit compliance platform. Support onboarding by customizing compliance modules and workflows based on client-specific legal and operational frameworks. Assist in defining roles, responsibilities, and reporting structures within the platform. Monitoring & Reporting Help clients create dashboards, reports, and alerts to monitor compliance status and upcoming regulatory changes. Work closely with internal legal and technology teams to escalate any gaps, legal interpretation issues, or platform improvement needs based on client feedback. Skills & Competencies Company Secretary (CS) and/or Lawyer Excellent communication and client management skills. Strong legal and regulatory research abilities. Analytical mindset with attention to detail. Ability to work independently and collaboratively with cross-functional teams. Tech-savvy, with experience navigating or implementing SaaS platforms. Adaptability to changing regulatory landscapes and client needs.

GRC Lead will manage and strengthen our Governance, Risk, and Compliance (GRC) initiatives for Managed Security Services (MSS) within the Telecom sector. The GRC Lead will be responsible for ensuring that the services we provide to our telecom clients adhere to industry standards, regulatory requirements, and robust risk management practices. This individual will play a key role in aligning our security services with client business objectives, improving our security posture, and ensuring compliance with telecom-specific regulations and frameworks. You have: 7+ years of experience in Governance, Risk, and Compliance (GRC), with at least 3 years in telecom or Managed Security Services (MSS) with a degree in Telecommunication Engineering, Computer Science, Information Security, or a related field (B.E/B.Tech/M.E/M.Tech/MCA). Expertise in telecom-specific security technologiesFirewalls, IDS/IPS, SIEM, encryption, access management, and incident response platforms. Experience working with security and compliance frameworksISO 27001, NIST CSF, PCI-DSS, GDPR, NIST SP 800-53, ETSI EN 303 645, also telecom infrastructure, including MPLS, 5G, IoT, and SDN/NFV. Familiarity with GRC tools such as RSA Archer, ServiceNow GRC, or MetricStream. Experience in telecom risk management processes, regulatory assessments, and vendor risk governance. It would be nice if you also had: Industry certifications such as CISM, CISA, CISSP, CRISC, ISO 27001 Lead Auditor/Implementer, TOGAF, or ITIL. Experience in stakeholder management, including executive communication, regulatory liaison, and conflict resolution with auditors or vendors. Strong analytical, negotiation, and project management skills in a cross-functional, multicultural telecom environment. Provide security governance leadership tailored to telecom networks, including mobile, 5G, SDN/NFV, and MPLS environments. Lead risk assessment, threat modeling, and management activities for telecom networks and emerging technologies like IoT and cloud. Ensure compliance with global and local telecom regulatory requirements (e.g., TRAI, DoT, GDPR, FCC, ETSI) through audits, reviews, and reporting. Manage and maintain telecom-specific security policies, technical and administrative controls, and compliance frameworks (ISO 27001, NIST, PCI-DSS). Act as the prime security and compliance interface towards customers, internal teams, auditors, subcontractors, and third-party suppliers. Develop and maintain a risk register, tracking treatment plans and mitigation strategies across client environments. Provide proactive consultation and guidance to customers regarding security best practices and compliance requirements. Oversee incident and crisis response activities to minimize business impact and regulatory exposure, ensuring adherence to notification guidelines. Ensure vendor security due diligence, contract compliance, and ongoing third-party risk monitoring within the telecom supply chain.

Roles and Responsibilities Troubleshoot issues related to ITSM processes, data management, and system performance. Provide training and support to end-users on ServiceNow platform features and best practices. Collaborate with stakeholders to gather requirements and develop technical documentation for new projects. Develop and customize workflows, business rules, and integrations using scripting languages like JavaScript. Design, implement, and maintain ServiceNow ITSM solutions to meet business requirements.

Technical: Security Framework Alignment and Related Controls Testing (NIST, CoBIT, ISO 27001) SOX Testing for IT Controls IT Compliance audits Vendor Risk Assessments Contribute to the enhancement/refinement of the Information Security Risks & Controls library Contribute to documentation of Information Security Policies, Standards, Processes, and Procedures. Manage and perform cybersecurity assessments on emerging/ongoing business initiatives, third-party services Evaluate third-party products/services by reviewing standardized questionnaires, evidencing their controls Keep pace with emerging technology, cyber threats, and industry trends around cybersecurity. Non-Technical: