Governance, Risk and Compliance Analyst

6 Minutes ago • 2-4 Years • Risk Management

Job Summary

Job Description

The Cybersecurity-Governance, Risk and Compliance Analyst will work closely with the GRC Manager to oversee ISO 27001 and SOC 2 Type II certifications and evaluate security frameworks. This role involves addressing customer assessment questionnaires and audits, both pre/post-sales. Key responsibilities include managing security certifications, conducting risk assessments, maintaining the risk register, and improving the security program. The analyst will also manage vendor risk, ensure audit readiness, and maintain security documentation, collaborating with teams to integrate compliance into operations.
Must have:
  • Manage and sustain security certifications (ISO 27001, SOC 2 Type II).
  • Conduct and report on risk assessments; maintain risk register.
  • Manage vendor risk management program.
  • Handle customer assessment questionnaires and audits.
  • Maintain information security documentation and policies.
  • Implement cybersecurity measures with IT and business units.
  • Assist with data governance and information rights management.
  • Computer Science Degree or equivalent experience.
  • Experience with ISO 27001 program implementation and maintenance.
  • Experience with Third Party Security Assessments.
  • Experience with Customer Questionnaires and assessments.
  • Relevant industry certifications.
Good to have:
  • Team Collaborator
  • Outcome driven
  • Effective Communicator
  • Inquisitive
  • Analytical

Job Details

Job Description

The Cybersecurity-Governance, Risk and Compliance Analyst will work very closely with the GRC Manager to oversee our ISO 27001 and SOC 2 Type II certifications and evaluate additional security frameworks. This role will also take part in addressing customer assessment questionnaires and audits, both pre/post-sales.

Mandatory Skills:

  • Work together with GRC Manager to Manage and sustain the company's multiple security certifications.
  • Continuously review the ISO 27001 Information Security Management System to ensure compliance and annual recertification eligibility.
  • Conduct risk assessments, maintain the risk register, report on risk, and work with various internal teams to mitigate risks across the organization.
  • Proactively identify areas for improvement within the security program and lead efforts to address and remediate these areas.
  • Manage the company’s vendor risk management program.
  • Ensure organizational readiness for external audits.
  • Manage pre- and post-sales customer assessment questionnaires and customer audits.
  • Maintain comprehensive information security documentation, including policies, procedures, standards, guidelines, and diagrams.
  • Recommend and implement policy and procedure changes in response to evolving security landscapes.
  • Collaborate with various teams to integrate compliance and risk management processes into daily operations.
  • Understand the role of systems and technology within the firm and their value to the business.
  • Work with IT and business units to implement effective cybersecurity measures and integrate security practices into business processes.
  • Assisting with data governance activities, producing data flow diagrams, and guiding information rights management/protection.
  • Market the security program externally putting together collateral to speak to the robustness of the program.

Experience & Qualifications

  • Computer Science Degree or substantial equivalent experience
  • Experience with implementing and maintaining ISO 27001 program
  • Experience with Third Party Security Assessment
  • Experience with Customer Questionnaire and assessments
  • Relevant industry certifications
  • Experience working with IT and Security leadership to define & articulate security strategies and program plans.

Overall IT/Security Experience: 4 years

Role Specific Experience: 2 years

Who You Are…

Only those that possess the below qualities should apply, maintaining the status quo is not good enough, we are a team of people who are never done, we always strive to improve.

  • Team Collaborator: Work across internal and external teams of all levels to proactively support the business
  • Outcome driven: Pursue impactful initiatives that move the needle on SOC operational effectiveness
  • Effective Communicator: Delivers complex information in a confident and convincing manner, appropriate to a diverse audience.
  • Inquisitive: A propensity to find out why something is the way it is, look under the covers, see if it can be improved.
  • Analytical: Gather data from multiple sources, find areas of weakness or risk and come up with solutions

Similar Jobs

Looks like we're out of matches

Set up an alert and we'll send you similar jobs the moment they appear!

Similar Skill Jobs

Looks like we're out of matches

Set up an alert and we'll send you similar jobs the moment they appear!

Jobs in Bengaluru, Karnataka, India

Looks like we're out of matches

Set up an alert and we'll send you similar jobs the moment they appear!

Risk Management Jobs

Looks like we're out of matches

Set up an alert and we'll send you similar jobs the moment they appear!

About The Company

How We Roll - Our Culture is built on these Core ValuesCandorTell it like it is — solve problems by dealing with them head onPassionWhat we do may not be for everyone, but we devour it and love making our customers successfulProfessionalism and EthicsAnyone can just "have a job" — we look for people that strive to “go pro”Keep ScoreAccountability and transparency are vitally importantCelebrate SuccessLife is short and we work hard to keep our company operating at a high levelGive BackWe expect to give back to the communities in which we do business

Bengaluru, Karnataka, India (Hybrid)

Bengaluru, Karnataka, India (On-Site)

Bengaluru, Karnataka, India (Remote)

Bengaluru, Karnataka, India (On-Site)

Bengaluru, Karnataka, India (On-Site)

Bengaluru, Karnataka, India (On-Site)

Bengaluru, Karnataka, India (On-Site)

United States (Remote)

View All Jobs

Get notified when new jobs are added by Flexera Software

Level Up Your Career in Game Development!

Transform Your Passion into Profession with Our Comprehensive Courses for Aspiring Game Developers.

Job Common Plug