GRC Engineer

undefined ago • 3-5 Years • Software Development & Engineering

Job Summary

Job Description

Enphase Energy is seeking a GRC Engineer for its Information Security (InfoSec) organization. This role focuses on protecting Enphase's data and technology assets from cyber risks and threats, ensuring a strong security culture. The GRC expert will drive the GRC program, supporting compliance, legal, and regulatory processes, managing risks, and overseeing controls. Key responsibilities include managing SOC2 Type2 and SOX ITGC audits, conducting security reviews, managing vulnerability governance, identifying IS risks, performing vendor security reviews, and enforcing IS policies.
Must have:
  • Manage end-to-end Enphase SOC2 Type2 audit requirements and recurring compliance activities.
  • Handle SOX ITGC audit activities including new SEC Cyber Security Requirements.
  • Work with Internal Audit Team to address IT control gaps and manage risk.
  • Conduct security reviews of internal systems and identify areas of improvement.
  • Manage Governance part of Vulnerability Management and collaborate on remediation.
  • Identify and report new IS risks in the IS Risk Registers continuously.
  • Perform Vendor Security Review for new and existing vendors; review agreements for InfoSec clauses.
  • Create, Update, and enforce IS Policies and Procedures; track compliance and conduct awareness sessions.
  • Create and maintain an information security dashboard on in-house analytics tool.
  • Drive Identity and Access Management review for critical apps.
  • Provide periodic updates to internal stakeholders on adherence to IS compliance requirements.
  • Collaborate with SecOps, Security Engineering and Product Security Team to prioritize and address security gaps.
Good to have:
  • High degree of creativity and 'out-of-the-box' thinking.
  • Able to execute multiple projects simultaneously in fast-paced environments.
  • Ability to share knowledge and collaborate by developing content and documentation.
  • Ability to work in a fast-paced, collaborative, and ever-changing global environment.
  • Takes responsibility and achieves results.
  • Must be extremely flexible and able to manage multiple tasks and priorities on very tight deadlines.
  • Outstanding organization skills.
  • Knowledge of PySpark or SparkSQL

Job Details

Description

Enphase Energy is a global energy technology company and leading provider of solar, battery, and electric vehicle charging products. Founded in 2006, Enphase transformed the solar industry with our revolutionary microinverter technology, which turns sunlight into a safe, reliable, resilient, and scalable source of energy to power our lives. Today, the Enphase Energy System helps people make, use, save, and sell their own power. Enphase is also one of the fastest growing and innovative clean energy companies in the world, with approximately 68 million products installed across more than 145 countries.

We are building teams that are designing, developing, and manufacturing next-generation energy technologies and our work environment is fast-paced, fun and full of exciting new projects.

If you are passionate about advancing a more sustainable future, this is the perfect time to join Enphase!

About the role:

Enphase Energy’s Information Security (InfoSec) organization is a growing collaborative team focused on protecting Enphase’s data and technology assets from cyber risks and threats, internal and external, while driving a security culture into the business use of IT. This is our team mission, and we are passionate about it. The InfoSec organization provides information- and cyber-security services to Enphase’s businesses and our goal is to provide safe, secure, and resilient IT services to our stakeholders.

A key part of achieving that goal is providing modern and comprehensive GRC (Governance, Risk and Compliance) to support Compliance Program areas, Legal and Regulatory processes, risks, and controls and provide oversight to ensure internal standards and applicable regulatory requirements are satisfied. Enphase’s IT Security GRC Team will perform periodic testing, monitoring, and validation of business controls for compliance with applicable laws and regulations.

To achieve these objectives, the InfoSec organization is looking for a GRC expert to drive the GRC program.

Key Responsibilities:

  • Manage end-to-end Enphase SOC2 Type2 audit requirements and recurring compliance activities.
  • Handling SOX ITGC audit activities including the new SEC Cyber Security Requirements.
  • Work with the Internal Audit Team to address IT control gap and manage risk.
  • Conduct security reviews of internal systems and identify areas of improvement.
  • Manage the Governance part of Vulnerability Management. Collaborate with teams on vulnerability remediation.
  • Identify and report new IS risks in the IS Risk Registers on a continuous basis. Report top risks to the management.
  • Perform Vendor Security Review for new and existing vendors. Review Vendor agreements for Information Security related clauses.
  • Create, Update, and enforce IS Policies and Procedures. Track policy compliance across the organization and conduct policy awareness sessions.
  • Create and maintain an information security dashboard on in-house analytics tool.
  • Drive Identity and Access Management review for critical apps.
  • Provide periodic updates to internal stakeholders on adherence to IS compliance requirements
  • Collaborate with SecOps, Security Engineering and Product Security Team to prioritize and address security gaps.

Required Skill and Experience:

  • 3-5 yrs of experience in IS GRC focusing on regulatory compliance.
  • In depth understanding of security standards and frameworks (E.g. ISO 27001, NIST CSF, PCI DSS, SOX 404, SOC2, NIS2 and PCI DSS.
  • Should be a Graduate – B.E/ B.Tech with specialization in Computer Science, IT, IS/Cyber Security, or relevant IT-related fields.
  • Should have scored 70% and above in 10th, 12th, and Graduation.
  • Knowledge of Python or similar scripting language. Knowledge of PySpark or SparkSQL is an added advantage.
  • Excellent Data Analysis and Presentation skills using Microsoft Excel and PowerPoint.
  • Certifications (Preferred): CompTIA Security+, CISA (not mandatory)
  • Highly responsive and proven professionalism in communication, interpersonal, analytical, and organizational skills.
  • Ability to synthesize a variety of data points, problem-solve, and formulate comprehensive and effective execution and risk mitigation plans.
  • Desired Skill and Experience:
  • High degree of creativity and “out-of-the-box” thinking.
  • Able to execute multiple projects simultaneously in fast-paced environments.
  • Ability to share knowledge and collaborate by developing content and documentation for distribution to other team members, managers, and customers.
  • Ability to work in a fast-paced, collaborative, and ever-changing global environment.
  • Takes responsibility and achieves results.
  • Must be extremely flexible and able to manage multiple tasks and priorities on very tight deadlines.
  • Outstanding organization skills.

Similar Jobs

Corsair - Store Manager

Corsair

Milpitas, California, United States (On-Site)
3 Months ago
AECOM - Cost Engineer

AECOM

Riyadh, Riyadh Province, Saudi Arabia (On-Site)
1 Month ago
Corsair gaming - Sr. GL Accountant

Corsair gaming

Taoyuan City, Taiwan (On-Site)
1 Month ago
kaizen gaming  - Junior Pre Event Trader (Basketball)

kaizen gaming

São Paulo, Brazil (Hybrid)
3 Weeks ago
PwC - Számviteli tanácsadó manager

PwC

Budapest, Hungary (Hybrid)
9 Months ago
Opendoor - Senior Software Engineer - Identity and Access Management (IAM)

Opendoor

Kraków, Lesser Poland Voivodeship, Poland (Hybrid)
2 Months ago
truecaller - Associate Director of Engineering

truecaller

Stockholm, Stockholm County, Sweden (On-Site)
2 Months ago
AeroSpike - Principal Performance & Reliability Engineer

AeroSpike

United States (On-Site)
2 Months ago
Apple - Sr Regulatory Compliance Engineer - Wireless

Apple

Cupertino, California, United States (On-Site)
1 Month ago
Qualcomm - RTL Design Engineer- Sr Staff

Qualcomm

Bengaluru, Karnataka, India (On-Site)
1 Month ago

Get notifed when new similar jobs are uploaded

Similar Skill Jobs

Capgemini - T24 Developer

Capgemini

Bengaluru, Karnataka, India (On-Site)
2 Months ago
Informa Group - Associate Director - Community Development (China)

Informa Group

Beijing, China (On-Site)
4 Weeks ago
Blue wire software - Marketing Assistant

Blue wire software

Columbus, Ohio, United States (On-Site)
1 Month ago
SHL - Technical Operations Executive

SHL

Gurugram, Haryana, India (On-Site)
10 Months ago
dun bradstreet - Senior Associate Research Analyst

dun bradstreet

Jacksonville, Florida, United States (On-Site)
1 Month ago
Granicus - Account Executive - New Business

Granicus

United States (Remote)
3 Months ago
Inveniolsi - SAP TRM Consultant

Inveniolsi

Riyadh, Riyadh Province, Saudi Arabia (On-Site)
6 Months ago
Haleon - HR Generalist Internship

Haleon

Milan, Lombardy, Italy (On-Site)
1 Month ago
Granicus - SLED Account Executive - Local Government

Granicus

United States (Remote)
9 Months ago
Blue wire software - Service Operations Manager

Blue wire software

Budapest, Hungary (On-Site)
1 Month ago

Get notifed when new similar jobs are uploaded

Jobs in Bengaluru, Karnataka, India

Headout - Senior UX Writer

Headout

Bengaluru, Karnataka, India (On-Site)
2 Months ago
Alphawave Semi - Senior Engineer II - System Engineer

Alphawave Semi

Bengaluru, Karnataka, India (On-Site)
1 Month ago
caliogo - Senior Software Engineer 2

caliogo

Hyderabad, Telangana, India (On-Site)
5 Months ago
Wolters Kluwer - Production Specialist (Copy Editing)

Wolters Kluwer

Pune, Maharashtra, India (Hybrid)
1 Month ago
Paytm - Sales - Team Lead - Oil & Gas Adjacent

Paytm

Amritsar, Punjab, India (On-Site)
3 Months ago
Capgemini - Financial Accounting

Capgemini

Kolkata, West Bengal, India (On-Site)
1 Month ago
Assystems - BIM Engineer

Assystems

Navi Mumbai, Maharashtra, India (On-Site)
9 Months ago
Western Digital - Identity and Access Management Developer

Western Digital

Bengaluru, Karnataka, India (Remote)
1 Month ago
Aspire - FinCrime Analyst, Transaction Screening

Aspire

Gurugram, India (Hybrid)
2 Months ago
ISS Stoxx - Research Analyst (Financial Services)

ISS Stoxx

Mumbai, Maharashtra, India (On-Site)
2 Months ago

Get notifed when new similar jobs are uploaded

Software Development & Engineering Jobs

Brave Group (Language barrier) - Studio Engineer (Recording/Distribution)

Brave Group (Language barrier)

Tokyo, Japan (On-Site)
2 Months ago
Aristocrat - ECO Administrator, Hardware Engineering

Aristocrat

Las Vegas, Nevada, United States (On-Site)
1 Month ago
Intel  - Software Application Development Engineer

Intel

Phoenix, Arizona, United States (On-Site)
1 Month ago
Apple - Camera Mechanical Design Engineer

Apple

San Diego, California, United States (On-Site)
2 Months ago
Capgemini - SAP WM LE

Capgemini

Mumbai, Maharashtra, India (On-Site)
2 Months ago
Anthology  Inc  - Senior Software Engineer II

Anthology Inc

Bengaluru, Karnataka, India (Hybrid)
5 Months ago
Visa - Staff Software Engineer - ServiceNow/ITOM

Visa

Ashburn, Virginia, United States (Hybrid)
1 Month ago
PwC - Senior Associate SAP SD

PwC

Mumbai, Maharashtra, India (On-Site)
1 Month ago
Alphawave Semi - Senior Staff Engineer II - Custom Layout Serdes

Alphawave Semi

Vancouver, British Columbia, Canada (On-Site)
1 Month ago
Kaedim - Software Engineer

Kaedim

San Francisco, California, United States (On-Site)
12 Months ago

Get notifed when new similar jobs are uploaded

About The Company

Bengaluru, Karnataka, India (On-Site)

Frankfurt Am Main, Hessen, Germany (Remote)

San Diego, California, United States (On-Site)

Atlanta, Georgia, United States (On-Site)

Austin, Texas, United States (On-Site)

United States (On-Site)

San Diego, California, United States (On-Site)

Fremont, California, United States (On-Site)

Christchurch, Canterbury, New Zealand (On-Site)

View All Jobs

Get notified when new jobs are added by Enphase Energy

Level Up Your Career in Game Development!

Transform Your Passion into Profession with Our Comprehensive Courses for Aspiring Game Developers.

Job Common Plug