790 Grc Jobs - Page 32

Role & responsibilities : Interact with client business & technology stakeholders to define, analyze and deliver requirements. Develop functional, design and other applicable artefacts/documentation Configure/Customize solution, perform unit & integrated testing, UAT support, promote code level changes to higher environment. Support production issues and conduct end user trainings Work along with team on POC and Demo Preferred candidate profile : Knowledge, skills and abilities: Working knowledge of Governance, Risk & Compliance (GRC) domain, Archer platform and open to learn ServiceNow platform Hands on experience in system administration and configuration activities in Archer. Understanding and working experience of Core and Custom GRC solutions in Archer. Archer certificated (preferred). Archer resource with JavaScript, HTML, CSS, XML and REST/SOAP Web Services (preferred).

Role & responsibilities : • Interact with client business & technology stakeholders to define, analyze and deliver requirements. Develop functional , design and other applicable artefacts/documentation Configure/Customize solution, perform unit & integrated testing, UAT support, promote code level changes to higher environment. Support production issues and conduct end user trainings Preferred candidate profile : Working knowledge of Governance, Risk & Compliance (GRC) domain, Archer platform and open to learn ServiceNow platform • Hands on experience in system administration and configuration activities in Archer. • Understanding and working experience of Core and Custom GRC solutions in Archer. • Archer certificated (preferred). • Archer resource with JavaScript, HTML, CSS, XML and REST/SOAP Web Services (preferred )

Warm Greetings from SP Staffing!! Role: Servicenow Developer Experience Required :6 to 8 yrs Work Location :Pune/Chennai/Bangalore Required Skills, 1. ServiceNow Service Catalogs 2. ITSM UI Policies, ACL, Business rules 3. Catalog client scripts 4. Flow designer 5. Javascript Interested candidates can send resumes to nandhini.spstaffing@gmail.com

Cyber and 3rd party risk manager About Amgen Amgen harnesses the best of biology and technology to fight the world’s toughest diseases, and make people’s lives easier, fuller and longer. We discover, develop, manufacture and deliver innovative medicines to help millions of patients. Amgen helped establish the biotechnology industry more than 40 years ago and remains on the cutting-edge of innovation, using technology and human genetic data to push beyond what’s known today. What you will do Role Description This is a lead role to support the risk management product team in identifying, analyzing, and mitigating IT-related risks to the organization. This role will involve working closely with various departments to ensure that risk controls are in place, policies are adhered to, and security standards are met. The IT Risk Analyst will assist in developing and maintaining risk management frameworks, performing assessments, and supporting regulatory compliance efforts. Roles & Responsibilities Risk Management Leadership Support the global risk management and third-party organization in leading a team of risk analysts performing tasks related to the global risk assessment processes. Risk Identification and Assessment: Conduct risk assessments to identify vulnerabilities in IT systems, processes, and policies. Assist in the identification and evaluation of risks associated with third-party vendors and partners. Maintain the IT risk register, documenting risks, issues, and remediation actions. Risk Mitigation and Monitoring: Recommend risk mitigation strategies and implement risk management controls across IT infrastructure. Collaborate with IT, cybersecurity, and business teams to track and resolve identified risks and vulnerabilities. Monitor and report on the effectiveness of existing IT risk controls and recommend enhancements as needed. Compliance and Regulatory Support: Ensure compliance with relevant industry standards and regulatory requirements (e.g., GDPR, SOX, PCI-DSS, NIST). Assist in the preparation for audits by internal and external parties, providing documentation and evidence of IT risk management practices. Support the development and implementation of IT governance, risk, and compliance frameworks. Vendor Risk Management: Conduct vendor risk assessments, ensuring third-party services and products align with internal risk and security policies. Regularly review vendor performance and risk exposure, working with procurement and legal teams as necessary. What we expect of you We are all different, yet we all use our unique contributions to serve patients. The [vital attribute] professional we seek is a [type of person] with these qualifications. Basic Qualifications and Experience Education: Bachelor’s degree in information technology, Cybersecurity, Risk Management, or a related field. Certifications such as CRISC (Certified in Risk and Information Systems Control), CISA (Certified Information Systems Auditor), or CISSP (Certified Information Systems Security Professional) are highly desirable. Experience 4-6 years of experience in IT risk management, IT auditing, or information security. Hands-on experience with risk management tools and frameworks (e.g., ISO 27001, NIST, COBIT). Skills and Competencies: Strong understanding of IT infrastructure, systems, and security best practices. Ability to assess technical and business risk related to information systems. Excellent problem-solving, analytical, and communication skills. Ability to communicate complex risk concepts to non-technical stakeholders. Ability to assess and interpret security-related clauses in third-party contracts, such as Security Requirements Schedules (SRS) Familiarity with regulatory frameworks and compliance standards (e.g., GDPR, HIPAA, SOX, PCI-DSS). Technical Knowledge: Proficiency with risk management tools, GRC (Governance, Risk, and Compliance) software, and security incident management tools. Experience with security controls related to networks, databases, and cloud environments. Soft Skills: Excellent analytical and troubleshooting skills Strong verbal and written communication skills Ability to work effectively with global, virtual teams High degree of initiative and self-motivation Ability to manage multiple priorities successfully Team oriented, with a focus on achieving team goals Strong presentation and public speaking skills Collaboration with global teams What you can expect of us As we work to develop treatments that take care of others, we also work to care for your professional and personal growth and well-being. From our competitive benefits to our collaborative culture, we’ll support your journey every step of the way. In addition to the base salary, Amgen offers competitive and comprehensive Total Rewards Plans that are aligned with local industry standards. Apply now for a career that defies imagination Objects in your future are closer than they appear. Join us. careers.amgen.com As an organization dedicated to improving the quality of life for people around the world, Amgen fosters an inclusive environment of diverse, ethical, committed and highly accomplished people who respect each other and live the Amgen values to continue advancing science to serve patients. Together, we compete in the fight against serious disease. Amgen is an Equal Opportunity employer and will consider all qualified applicants for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability status, or any other basis protected by applicable law. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.

Job Overview: We are seeking a ServiceNow Technical Architect who can play a dual role driving presales activities and providing technical leadership for solution architecture. The ideal candidate is customer-facing, confident in presenting solutions, and capable of designing scalable, end-to-end ServiceNow implementations aligned with client needs. Key Responsibilities: Presales Responsibilities: Engage with customers during early conversations to understand business requirements and pain points Own and deliver technical presentations, demos, and solution walk-throughs to customers Collaborate with the sales team to craft winning proposals, solution documents, and effort estimations Respond to RFPs/RFIs with high-quality, scalable solution designs Influence stakeholders with strong storytelling and articulation of ServiceNow capabilities Technical Architect Responsibilities: Design ServiceNow solutions across modules like ITSM, ITOM, CSM, HRSD, etc. Define and drive architecture blueprints, ensuring alignment with best practices and platform capabilities Guide technical teams during the implementation phase with clear direction and oversight Lead discussions on integrations, data flow, performance optimization, and scalability Ensure technical quality, governance, and consistency across all project phases Act as a trusted advisor to clients throughout their ServiceNow journey Required Skills & Experience: 10+ years of total IT experience with 5+ years in ServiceNow architecture and implementation Deep knowledge of multiple ServiceNow modules and capabilities Hands-on technical skills: scripting, integrations, performance tuning, platform architecture Strong presales and customer engagement experience Excellent verbal and written communication skills Ability to simplify complex ideas and present them confidently to executive stakeholders ServiceNow certifications (CIS, CTA, or equivalent) highly preferred

Experience in Data protection, Data Privacy, Information security GRC consultants with experience working in Manufacturing/Automotive domain. Loc- Pune(Akurdi) Exp- 3+ years Interested candidates Apply/Send resume to preethi.kumar@harjai.com

Corporate IT Security and Governance, exp. in Information Security, ISO 27001 Implementation , Documentation. risk assessment , 2nd Line of Defense , Control Review, Control Testing, ITGC controls. ,corporate policies and procedures, GAP Analysis,

• Configure and customize the ServiceNow GRC modules

ANZEN Technologies Private Limited. stands as an unparalleled powerhouse, empowering organizations across industries with our visionary services, cutting-edge solutions, and ground-breaking services in the realm of Cyber Security, IT Governance, Risk Management, and Compliance. As your trusted partner, we offer a comprehensive suite of End-to-End security services and consultancy, tailored to safeguard critical infrastructure installations, elevate the standards of BFSI, eCommerce, IT/ITES, Pharmaceuticals, and an array of other sectors. Qualifications: 1. B.E / MSc in Information Technology, Computer Science or related field. 2. Basics understanding of fundamental concepts in GRC, Cybersecurity, Networking and Information Security. 3. Good communication & documentation skills. Candidate should possess basic knowledge of following standards: 1. ISO 27001:2022 (ISMS) 2. DPDP Act. 2023 Certification: (Optional): 1. ISO 27001 LA or LI 2. Any course/training related to cybersecurity Internship Duration - 6 months Office Address : ANZEN Technologies Private Limited Akshar Business Park, H - 3025, 3rd Floor, Plot No. 3, Sector-25, Vashi, Navi Mumbai 400703 https://anzentech.com Immediate Joiner may apply and come for Interview

ANZEN Technologies Private Limited. stands as an unparalleled powerhouse, empowering organizations across industries with our visionary services, cutting-edge solutions, and ground-breaking services in the realm of Cyber Security, IT Governance, Risk Management, and Compliance. As your trusted partner, we offer a comprehensive suite of End-to-End security services and consultancy, tailored to safeguard critical infrastructure installations, elevate the standards of BFSI, eCommerce, IT/ITES, Pharmaceuticals, and an array of other sectors. Position : Senior Associate Consultant Key Responsibilities: GRC Strategy and Planning: Develop and implement comprehensive GRC strategies, policies, and procedures aligned with organizational goals and objectives. Define and prioritize GRC initiatives based on risk assessments, regulatory requirements, and industry best practices. Continuously evaluate and update GRC frameworks to adapt to evolving threats and compliance landscapes. Risk Management: Conduct risk assessments to identify, analyze, and prioritize risks across the organization. Develop risk mitigation strategies and controls to address identified risks effectively. Monitor and report on risk exposure and mitigation efforts to senior management and stakeholders. Compliance Management: Ensure compliance with relevant laws, regulations, and industry standards, such as GDPR, HIPAA, PCI DSS, etc. Monitor changes in regulatory requirements (SEBI, RBI, IRDAI etc) and assess their impact on the organization's compliance posture. Coordinate compliance audits, assessments, and certifications, and remediate any identified issues or deficiencies. Audit Management: Plan, coordinate, and oversee internal and external audit activities, including IT audits, compliance audits, and third-party audits. Develop audit plans, programs, and testing procedures to assess the effectiveness of controls and compliance with policies and regulations. Review audit findings, assess control deficiencies, and collaborate with stakeholders to develop and implement remediation plans. Monitor and track the progress of audit remediation efforts and report on the status to senior management and audit committees. Policy Development and Enforcement: Develop, review, and update information security policies, standards, and guidelines in alignment with regulatory requirements and industry best practices. Establish mechanisms for policy enforcement and monitor adherence to policies across the organization. Cross-Functional Collaboration: Collaborate with internal stakeholders, including IT, legal, finance, and operations, to integrate GRC principles into business processes and initiatives. Provide guidance and support to business units on GRC-related matters, including risk assessments, compliance requirements, and controls implementation. Training and Awareness: Develop and deliver GRC training programs and awareness campaigns to educate employees on their roles and responsibilities in maintaining compliance and managing risks. Foster a culture of compliance and risk awareness throughout the organization. Qualifications and Skills: Bachelor's degree in Information Security, Risk Management, Business Administration, or related field. Masters degree or relevant certifications (e.g., CISA, CISSP, CRISC, CISM) preferred. Minimum of 5 years of experience in governance, risk, and compliance roles, with a focus on information security and IT risk management, including audit management experience. Strong understanding of regulatory requirements and industry standards related to information security and data privacy (e.g., GDPR, HIPAA, ISO 27001). Proficiency in audit methodologies, risk assessment frameworks, compliance frameworks, and control frameworks (e.g., NIST Cybersecurity Framework, COBIT, ITIL). Excellent analytical, problem-solving, and decision-making skills. Effective communication and interpersonal skills, with the ability to collaborate with diverse stakeholders and influence change. Proven track record of leading GRC initiatives, conducting audits, and driving process improvements. Ability to work independently and manage multiple priorities in a fast-paced environment. Office Address : ANZEN Technologies Private Limited Akshar Business Park, H - 3025, 3rd Floor, Plot No. 3, Sector-25, Vashi, Navi Mumbai 400703 https://anzentech.com Immediate Joiner may apply

ANZEN Technologies Private Limited. stands as an unparalleled powerhouse, empowering organizations across industries with our visionary services, cutting-edge solutions, and ground-breaking services in the realm of Cyber Security, IT Governance, Risk Management, and Compliance. As your trusted partner, we offer a comprehensive suite of End-to-End security services and consultancy, tailored to safeguard critical infrastructure installations, elevate the standards of BFSI, eCommerce, IT/ITES, Pharmaceuticals, and an array of other sectors. Position : Analyst - GRC Key Responsibilities: * Track and ensure adequate and timely resolution to all audit and risk assessment findings or issues relating to information security, and never miss a deadline. * Effectively and appropriately communicate audit engagement reports and recommendations to client management and resolve any client concerns or questions. * Ensure 100% certification success rate on ISMS projects. * Grow into a role with increasing responsibility. * Significant experience leading information security audits with a preference for IS0 27001 and SOC 2 audits or assessments. * Experience in leading or knowledge with implementations. * Experience authoring policies and procedures. * Significant experience working as a consultant working in a consulting firm * Significant knowledge of ISO 27001/2 and its derivatives (e.g., HITRUST, Shared Assessment) as much of our consulting and collaboration is around an ISO 27001 Information Security Management System. * Solid knowledge of the NIST 800-171/FISMA framework and is derivatives (e.g., Fed RAMP, CMS Information Security Program) as many of our clients serve government customers. * Enough Information Technology and Information Security experience to contextualize and make their recommendations relevant and valuable. * Experience and knowledge with Governance, Risk Management and Compliance. * Experience with the myriad of regulatory compliance frameworks our client base is subject to (e.g., HIPAA, PII, PCI-DSS, SOX, STARS, NERC-CIP). * Certifications that demonstrate to our clients our commitment to excellence in our craft (e.g., ISO 27001 Lead Implementer, CISA, CISSP, ISO 27001 Lead Auditor, MCSE, CEH, OSCP). * Familiarity with related standards (e.g., SSAE-16 SOC1, SOC2, ISO-22301, ISO-9001). Qualifications & Certifications : Graduated from IT Stream Experience: Candidate with 1 to 2 Years of experience. Excellent communication and interpersonal skills. Technical proficency is must Ability to work in a fast-paced environment Preferred Skills & Location Experience in Cybersecurity, IT Industry from Navi Mumbai Office Address : ANZEN Technologies Private Limited Akshar Business Park, H - 3025, 3rd Floor, Plot No. 3, Sector-25, Vashi, Navi Mumbai 400703 https://anzentech.com Immediate Joiner may apply for this position

Key Responsibilities Client Support & Advisory Act as a primary compliance advisor to assigned clients, ensuring they understand and implement relevant regulatory obligations using the Lawrbit platform. Interpret and translate jurisdiction-specific laws and regulations into actionable compliance requirements. Assist clients in setting up regulatory and compliance calendars. Conduct regular compliance reviews to ensure all mapped obligations are up to date and properly tracked. Platform Implementation & Configuration Guide clients through initial setup and ongoing configuration of the Lawrbit compliance platform. Support onboarding by customizing compliance modules and workflows based on client-specific legal and operational frameworks. Assist in defining roles, responsibilities, and reporting structures within the platform. Monitoring & Reporting Help clients create dashboards, reports, and alerts to monitor compliance status and upcoming regulatory changes. Work closely with internal legal and technology teams to escalate any gaps, legal interpretation issues, or platform improvement needs based on client feedback. Skills & Competencies Company Secretary (CS) and/or Lawyer Excellent communication and client management skills. Strong legal and regulatory research abilities. Analytical mindset with attention to detail. Ability to work independently and collaboratively with cross-functional teams. Tech-savvy, with experience navigating or implementing SaaS platforms. Adaptability to changing regulatory landscapes and client needs.

GRC Lead will manage and strengthen our Governance, Risk, and Compliance (GRC) initiatives for Managed Security Services (MSS) within the Telecom sector. The GRC Lead will be responsible for ensuring that the services we provide to our telecom clients adhere to industry standards, regulatory requirements, and robust risk management practices. This individual will play a key role in aligning our security services with client business objectives, improving our security posture, and ensuring compliance with telecom-specific regulations and frameworks. You have: 7+ years of experience in Governance, Risk, and Compliance (GRC), with at least 3 years in telecom or Managed Security Services (MSS) with a degree in Telecommunication Engineering, Computer Science, Information Security, or a related field (B.E/B.Tech/M.E/M.Tech/MCA). Expertise in telecom-specific security technologiesFirewalls, IDS/IPS, SIEM, encryption, access management, and incident response platforms. Experience working with security and compliance frameworksISO 27001, NIST CSF, PCI-DSS, GDPR, NIST SP 800-53, ETSI EN 303 645, also telecom infrastructure, including MPLS, 5G, IoT, and SDN/NFV. Familiarity with GRC tools such as RSA Archer, ServiceNow GRC, or MetricStream. Experience in telecom risk management processes, regulatory assessments, and vendor risk governance. It would be nice if you also had: Industry certifications such as CISM, CISA, CISSP, CRISC, ISO 27001 Lead Auditor/Implementer, TOGAF, or ITIL. Experience in stakeholder management, including executive communication, regulatory liaison, and conflict resolution with auditors or vendors. Strong analytical, negotiation, and project management skills in a cross-functional, multicultural telecom environment. Provide security governance leadership tailored to telecom networks, including mobile, 5G, SDN/NFV, and MPLS environments. Lead risk assessment, threat modeling, and management activities for telecom networks and emerging technologies like IoT and cloud. Ensure compliance with global and local telecom regulatory requirements (e.g., TRAI, DoT, GDPR, FCC, ETSI) through audits, reviews, and reporting. Manage and maintain telecom-specific security policies, technical and administrative controls, and compliance frameworks (ISO 27001, NIST, PCI-DSS). Act as the prime security and compliance interface towards customers, internal teams, auditors, subcontractors, and third-party suppliers. Develop and maintain a risk register, tracking treatment plans and mitigation strategies across client environments. Provide proactive consultation and guidance to customers regarding security best practices and compliance requirements. Oversee incident and crisis response activities to minimize business impact and regulatory exposure, ensuring adherence to notification guidelines. Ensure vendor security due diligence, contract compliance, and ongoing third-party risk monitoring within the telecom supply chain.

Roles and Responsibilities Troubleshoot issues related to ITSM processes, data management, and system performance. Provide training and support to end-users on ServiceNow platform features and best practices. Collaborate with stakeholders to gather requirements and develop technical documentation for new projects. Develop and customize workflows, business rules, and integrations using scripting languages like JavaScript. Design, implement, and maintain ServiceNow ITSM solutions to meet business requirements.

Technical: Security Framework Alignment and Related Controls Testing (NIST, CoBIT, ISO 27001) SOX Testing for IT Controls IT Compliance audits Vendor Risk Assessments Contribute to the enhancement/refinement of the Information Security Risks & Controls library Contribute to documentation of Information Security Policies, Standards, Processes, and Procedures. Manage and perform cybersecurity assessments on emerging/ongoing business initiatives, third-party services Evaluate third-party products/services by reviewing standardized questionnaires, evidencing their controls Keep pace with emerging technology, cyber threats, and industry trends around cybersecurity. Non-Technical: