Senior Security Analyst - GRC

7 Months ago • 4-7 Years

Job Summary

Job Description

The Senior Security Analyst - GRC is responsible for ensuring the organization maintains compliance with regulatory guidelines and industry-standard certifications such as ISO 27001 and PCI DSS. This role involves auditing and maintaining evidence for external audits, creating and reviewing InfoSec policies/procedures, and providing recommendations about InfoSec controls based on industry best practices. The analyst will also foster an information security culture, assess IT controls, conduct risk assessments, collaborate on risk treatment decisions, and assist in implementing and monitoring controls to achieve compliance. Responsibilities include leading audits, evaluating policies, assessing risk, ensuring compliance, supporting vendor due diligence, developing and monitoring policies, maintaining an IT Risk Register, understanding cloud infrastructure controls, and providing guidance on security best practices.
Must have:
  • 4-7 years of experience in Information Security or IT audit
  • Strong understanding of security frameworks (ISO 27001, PCI DSS, NIST)
  • Ability to work independently without constant supervision
  • Critical thinking and analytical ability
  • Excellent verbal and written communication skills
Good to have:
  • Knowledge of finance regulation & RBI Guidelines in India
  • Certification in information security management (CISM, CISSP, CISA)

Job Details

About Fi-Money [EpiFi Technologies]


Who we are: Simply put, a FinTech startup for digital natives. Our mission is to help our users demystify their finances, maximize their savings and spend intelligently. We are building a highly secure hub, a savings account that allows you to consolidate your finances in a single intuitive view.Who we are looking for: Exceptional, innovative people! Passionate about delightful user experiences, clear about doing the right thing and hungry to impact millions of lives.Why you should work with us: We are about doing the right thing always, both for our team and users. We are a positive, transparent and inclusive community celebrating success together, encouraging bias for action and individual brilliance. We are ambitious and want everyone thinking - impact and growth. Our office is not just fun, it is human, nimble and business-like.With rich experience in the world's leading tech companies and banks, we deeply and equally understand both the fin- and - tech- in fintech. Funded by leading global VCs, we’re in pursuit of a fantastic experience for both our consumers and colleagues.

What this role is about:

The Senior Security Analyst - GRC is responsible for ensuring that the organization maintains compliance with regulatory guidelines and industry-standard certifications such as ISO 27001, and PCI DSS.This role includes auditing and maintaining evidence required for external audits, creating and reviewing InfoSec policies/procedures, and providing recommendations about InfoSec controls based on the industry's best practices.You will foster an information security culture within the company and help assess IT controls, conduct risk assessments for a variety of information assets, collaborate in risk treatment decisions, and assist in implementing/monitoring controls to achieve compliance.


Responsibilities:

  • Lead the planning, execution, and coordination of internal and external audits.
  • Evaluate existing policies, procedures, and controls to ensure compliance with applicable laws, regulations, and industry standards.
  • Assessing risk and compliance status against Information Security policies, proposing controls for risk remediation, and tracking the implementation status of controls.
  • Ensure compliance with laws, regulations, and industry standards, and compliance programs like ISO 27001, PCI DSS, and various guidelines from RBI, NPCI, SEBI, etc.
  • Support vendor due diligence process and help the third-party risk management efforts.
  • Develop, implement, and monitor information security policies and procedures.
  • Responsible for maintaining an IT Risk Register and collaborating with stakeholders for risk management.
  • Basic understanding of cloud infrastructure and controls.
  • Maintaining evidence required for external audits.
  • Using project management techniques for planning, anticipating roadblocks, and stakeholder communication.
  • Provide guidance and support to teams across the organisation on security best practices.

Requirements:

  • 4 - 7 years of experience in Information Security, Risk Management, or IT audit.
  • Strong understanding of security frameworks and standards (e.g., ISO 27001, PCI DSS, NIST).
  • Knowledge of finance (Govt. ) Regulation & RBI Guidelines in India is a plus.
  • Certification in information security management (e.g., CISM, CISSP, CISA) is preferable.
  • Ability to work independently and productively without constant supervision.
  • Critical thinking and analytical ability.
  • Excellent verbal and written communication skills.
Selection Process :  Once you apply via the career page, we will reach out and reach out to schedule 3-4 rounds of video interviews with leadership & key stakeholders. In addition to assessing your technical/coding experience, expect at least 3 rounds to assess your communication & articulation ability, general aptitude, attitude and cultural fitment.

We are currently functioning from office in Bangalore.
 

We aspire to create an inclusive culture of diverse people not just because it's the right thing to do but because heterogeneity inspires us and is more fun! We employ people solely on merit and do not discriminate against any employee or applicant because of race, creed, color, religion, gender, sexual orientation, gender identity/expression, national origin, disability, age, genetic information, marital status, pregnancy or related condition (including breastfeeding), or any other basis protected by law.

Similar Jobs

Krafton  - Associate - Talent Acquisition

Krafton

Bengaluru, Karnataka, India (On-Site)
1 Month ago
Google - Technical Program Manager, Android Privacy Working Group

Google

Bengaluru, Karnataka, India (On-Site)
2 Weeks ago
hh exchange - FP&A Analyst

hh exchange

(Remote)
1 Day ago
CoolGames - Internship Community Manager

CoolGames

North Holland, Netherlands (On-Site)
1 Month ago
Amber - Game Designer - Mobile (Project Based)

Amber

(Remote)
1 Month ago

Get notifed when new similar jobs are uploaded

Similar Skill Jobs

Eleven Labs - Sales Development Representative - EMEA (French, Spanish, German)

Eleven Labs

United Kingdom (Remote)
1 Month ago
Google - Talent Engagement Specialist, gReach Program for People with Disabilities

Google

Guangdong Province, China (On-Site)
2 Days ago
Epic Games - Partner Operations Release Manager

Epic Games

Cary, North Carolina, United States (On-Site)
1 Month ago
Milestone - Inside Channel Manager

Milestone

North Brabant, Netherlands (Hybrid)
2 Weeks ago
Workato - Group Product Manager (Copilots)

Workato

Singapore, Singapore (On-Site)
8 Hours ago
Netflix - Creative Partner Manager - Operations Partnerships - EMEA

Netflix

Amsterdam, North Holland, Netherlands (On-Site)
2 Weeks ago
NVIDIA - Senior Software Architect, Advanced Development

NVIDIA

Yokne'am Illit, North District, Israel (On-Site)
3 Months ago
Socialpoint - Senior Software Engineer (GameOps Tools)

Socialpoint

Barcelona, Catalonia, Spain (Hybrid)
2 Weeks ago
Netflix - Manager, Retail Strategy – Grocery & Convenience Channels

Netflix

Los Angeles, California, United States (On-Site)
2 Weeks ago
Trackman - Simulator Design Project Manager

Trackman

Phoenix, Arizona, United States (On-Site)
3 Months ago

Get notifed when new similar jobs are uploaded

Jobs in Bengaluru, Karnataka, India

Cubic Corporation - System Administrator

Cubic Corporation

Hyderabad, Telangana, India (On-Site)
1 Day ago
PwC - Senior Associate_Snowflake Developer_Data & Analytics_Advisory_PAN  India

PwC

Kolkata, West Bengal, India (On-Site)
7 Months ago
YouGov - Workday Support Specialist

YouGov

Bengaluru, Karnataka, India (On-Site)
10 Hours ago
PwC - Senior Associate  - Technology Consulting

PwC

Mumbai, Maharashtra, India (On-Site)
7 Months ago
Aera Technology - Senior Performance Engineer

Aera Technology

Pune, Maharashtra, India (On-Site)
6 Months ago
SATMAT TECHNOLOGIES - QA Engineer

SATMAT TECHNOLOGIES

Thane, Maharashtra, India (On-Site)
5 Months ago
Framestore - COMPOSITING SUPERVISOR

Framestore

Mumbai, Maharashtra, India (On-Site)
11 Months ago
Google - Senior Software Engineer, Core Data

Google

Bengaluru, Karnataka, India (On-Site)
3 Days ago
Dream Sports - Senior Manager - Premium Sales

Dream Sports

Bengaluru, Karnataka, India (On-Site)
1 Month ago
Assystems - Project Engineering Manager – Substation (Head of Electrical Engineering)

Assystems

Gurugram, Haryana, India (On-Site)
6 Months ago

Get notifed when new similar jobs are uploaded

Similar Category Jobs

Looks like we're out of matches

Set up an alert and we'll send you similar jobs the moment they appear!

About The Company

Bengaluru, Karnataka, India (On-Site)

Delhi, India (On-Site)

Bengaluru, Karnataka, India (On-Site)

Bengaluru, Karnataka, India (On-Site)

Bengaluru, Karnataka, India (On-Site)

Bengaluru, Karnataka, India (On-Site)

Bengaluru, Karnataka, India (On-Site)

Bengaluru, Karnataka, India (On-Site)

Bengaluru, Karnataka, India (On-Site)

Bengaluru, Karnataka, India (On-Site)

View All Jobs

Get notified when new jobs are added by Fi

Level Up Your Career in Game Development!

Transform Your Passion into Profession with Our Comprehensive Courses for Aspiring Game Developers.

Job Common Plug