10+ GRC Jobs in India
Apply to 10+ GRC Jobs on CutShort.io. Find your next job, effortlessly. Browse GRC Jobs and apply today!
About Alphanext
Welcome to Alphanext, a leading provider of talent solutions headquartered in London, with operational bases in Pune and Indore. With a strong focus on the global technology community, we are dedicated to connecting exceptional talent with innovative organizations around the world.
The Role
As our new ServiceNow Technical Architect, you'll play a vital role in shaping and executing our ServiceNow platform strategy to drive innovation and ensure seamless service delivery across our global operations.
Key Responsibilities
- Defines, guides, and supports the execution of Alphanext clients' technical governance processes
- Assists in developing standards and practices for maintaining the health of Alphanext clients' ServiceNow platforms
- Supports design and implementation of a platform operating model to achieve Alphanext clients' desired outcomes and foster end-user adoption
- Provides technical evaluation of demands against Alphanext clients' ServiceNow platform architectures, platform capabilities, and best practices
- Guides ServiceNow Platform design, including considerations for integration and performance for Alphanext clients
- Assesses architecture and solution designs to support Alphanext clients' objectives including alignment with ServiceNow implementation best practices
- Offers guidance on prototyping and accelerating time from design to deployment for Alphanext clients
- Provides technical guidance in platform development and platform-wide solutions for Alphanext clients
- Advises on configuration and coding standards for Alphanext clients
- Supports remediation of configurations not aligned to ServiceNow best practices for Alphanext clients
- Assesses instance health (performance, manageability, usability, scalability, upgradability, and security) by conducting ServiceNow HealthScan for Alphanext clients
Experience you should have
- ServiceNow System Administration Certification (mandatory)
- ServiceNow HR, CSM and ITIL Foundation certification
- Experience in the following ServiceNow modules:
- ITOM – CMDB, Discovery, Service Mapping
- ITBM – Project Portfolio Management, Release Management, Agile
- HRSD (HR Service Delivery) and Finance
- GRC – Governance, Risk, and Compliance
- CSM – Customer Service Management module exp (Mandatory)
- ITSM – Incident Management, Problem Management, Change Management, Knowledge Management, Service Portal, Service Catalog
- Expertise in Client Scripts, UI Policy, UI Scripts, Script Includes, Business Rules, Scheduled Jobs
- Possess good communication skills
- ITIL Foundation Certification would be a plus or can do before joining
- Implementation Specialist certification would be a plus
The Impact You'll Make
- Establish an enterprise-wide technical architecture and implementation strategy setting the foundation for Alphanext customer's enduring ServiceNow success.
- Drive standardization and best practice platform management, enabling customer to focus on value delivery.
- Institute technical governance to optimize platform performance and minimize long-term technical risk.
- Enable rapid upgrades to new features and innovation that drive new value for Alphanext and it's customer.
- Build a platform team focused on delivering value and innovation.
Location: Abu Dhabi, United Arab Emirates (UAE)
Nationality: Any
Desired Experience: 10+ years
Job Description :
To guide and advise customers on building SOC-related services from scratch or assist in improving existing services. To assess the maturity and capability of services in scope and propose improvements. Closely working with other SOC teams, and assisting them in achieving their goals. To work closely with the rest of the Advisory team and exchange knowledge and experience.
What You’ll Do
- Deliver high-level strategy and executive advisory services.
- Lead client engagements in security advisory at the highest strategic level.
- Establish and align business principles and objectives to the long-term security operational vision by applying tactical guidance for various information security operating models.
- Perform SOC maturity assessments and build precise roadmaps based on the goals and objectives of the organization.
- Provide clients with guidance during the Initial Operating Capability (IOC) through full operational capability (FOC) covering key aspects of SOC domains such as business, process, governance, technology, people, and services.
- Create and build on the concept of operations (ConOps) in the pre-work stages that strategically prepare the client for the successful implementation of security technology and operations.
- Assist clients with recommendations in different advisory stages, such as creating security operations strategy (SOC Charter), developing training programs, assisting with use case framework implementation, developing standard operating procedures, and applying service/integrated frameworks.
- Possess the ability to identify the client's problems and use common consulting management skills such as facilitation, gap analysis, interviewing, and engaging in multiple workshops with key stakeholders.
- Collaborate with clients to define services and build technology strategies as part of the build, plan, and design phases of security operations.
- Perform as a subject matter expert (SME) in strategy conversations with C-level panels to provide exceptional IT/OT/Cloud/Physical security, compliance, regulations, and industry best practices that promote the overall mission and vision of the organization.
- Maintain a good understanding of security trends and methods for pinpointing cyber and physical security solutions that fit the client's business, financial, and technological objectives.
- Identify, build, and create cyber solutions to address security issues, perform security operations content reviews, draw conclusions, and develop strategic guidance.
- Assess and develop the current security operation effectiveness by reviewing operating procedures, workflows, policies, frameworks, and operational reporting.
- Consistently contribute towards industry-specific offerings/professional security forums/internal departmental blogs/publications/develop thought leadership.
- Contribute to the proposal process for SOC Advisory services while collaborating with other internal group members to solidify the sales pitch approach.
What you bring to the table
- 10+ years of extensive IT Security / IT Consultancy/client-facing roles related to SOC/Security operations projects (Cybersecurity Managers, IT Security Engineers, Security Analysts, Senior/Principal Security Analysts)
- Experience in SOC strategy, roadmap and documentation development, adapted to client organization (Services catalog, Security Incident Response management plan, playbooks)
- Possess the ability to support the vision and mission of any organization's security program.
- Retained proficiency in delivering high-quality and high-level strategic and advisory services.
- Possesses certifications related to enterprise information security frameworks and/or compliance, regulation-type frameworks.
- Experience in understanding complex activities and relationships quickly, assessing business and delivery risks, and communicating them effectively.
Benefits
- Schooling
- Flight & visa allowance for self and family
- Mobile Allowance
- Insurance for self & Family
- Life Insurance for self
Global IT Risk Management Company
- Guiding team member for handling technical challenges
- Conducting training sessions
- Handling user issues and providing corrective solution
- Fixing of the vulnerabilities and Upgrades of new stable version
- Sustenance and maintenance of Archer tool
- Good scripting knowledge
Desired Candidate Profiles:
- Certified RSA Archer Professional, Internal Audit & Controls, Risk (Threat), ISO 27001
- Minimum of 5 years’ experience in the respective field
- Experience of managing a GRC Team
- Strong experience of implementation, commissioning and enhancement of modules of GRC Product
- Strong Understanding of Process workflows, Identifying the manual workflows
- Expertise in configuring GRC tool (Archer)
- Experience with all SDLC activities related to GRC program implementation
at Statestreet HCL Services
Dear Candidate,
Greetings from HCL Technologies Ltd.
- Make sense of Cyber security and compliance frameworks that apply to your business or industry
• Identify business risks, taking into account the role of your hosting service provider
• Determine which Cyber security controls are required to mitigate your identified risks
• Improve collaboration and communication during Cyber security Incident mitigation and response.
• Establish the necessary framework based on NIST Framework to maintain and continually improve your information security program over time based on evolving scope and emerging risks
• Document and track efforts for evidence collection and audit preparation
- will have primary responsibility for coordinating and implementing effective Cyber Security management across the account. This role will ensure that all Supplier obligations are met regarding compliance with Security guidelines, data protection, regulations, Supplier policies, and key controls.
- provide implementation and ongoing operation of Security management framework;
- be responsible for coordinating activities to address the key Security risk exposures;
- ensure Security awareness training of, and assistance in the implementation of robust Security management practices across Security operations;
- direct the design of controls to address emerging or new Security risk and compliance requirements;
- carry out regular and frequent assurance reviews of the design and operating effectiveness of Security controls;
- implement, monitor and report on key Security risk indicators to identify and address emerging risks;
- coordinate with other Service Providers and Security functions, to facilitate client’s audits and inspections;
- manage and report on responses and actions to address Security audit points, inspection deficiencies, or control weakness identified during normal operations.
- review outcome of cyber security risk assessment, timely implement open action items and report progress to stakeholders
- incorporate vulnerability testing as an integral part of change management
- Should have good knowledge of Cyber Security Framework and controls
- CISA ,CISM or CISSP certification should be preferred.
- Have good understanding of Security policy and process along with ITSM process.
IT services provider based out of the US
Job description – Information Security (Network)
Roles and Responsibilities
Company will provide a professional opportunity to work in a dynamic environment where you will have the ability to develop process and Cyber security based skills
Work profile of individual
- As part of the company cyber security consulting team, individual’s primary role would be to work with ISO 27k projects IT audits, ITGC audits, SSAE, SOC audits, IT Process Audit, Systems Audit, Gap assessment TPRM, GDPR, Infosec, GRC , ISMS , Cyber Security, SOX ITGC on customer engagements
- Will address all aspects of security like physical, logical, data, access etc and review Information Security policy and suggest / recommend necessary changes to the same on customer engagements
- Will be an active participant in internal / third party system security reviews and audits on customer engagements
- Will perform internal audits on all aspects of IT and ensure compliance with the prescribed security norms on customer engagements and will be responsible for tracking the open audit findings and closure of the same
- Will be responsible for implementation of new projects under Information Security Domain
- Will be able to manage document tracking and updating - policies, processes, procedures, templates etc.
- Will assist in development of proposals by owning parts of the proposal document and by giving inputs in solution design based on areas of expertise.
- Will engage with clients and(or) application development teams for implementation of cyber security & data privacy by design and data protection controls.
- Will support the clients with ongoing design, implementation and maintenance of the data privacy framework for managing data protection risk including responding to legislation, devising and owning policies and training.
- Will demonstrate ability to clearly and concisely communicate the privacy implications of technology and implementation.
Team work
- Individual would be responsible for contributing to a strong team environment and promoting a positive working relationship with their colleagues.
- Individual would predominately work with off-shore engagement teams and relevant teams on presale and cyber security delivery.
- Communication, written and verbal, with these teams would be expected.
- Team members would be required to apply learning from trainings and on the job experience to work requests and support continuous process improvement.
- Team members would be required to handle multiple tasks at the same time.
- Detailed focus when performing work and good project management skills when managing workload and maintaining timelines will be necessary.
Desired Candidate Profile
- Bachelors
- Certifications (ISO 27001/ ISO 31000/ CISA/ CISSP/ CSX or equivalent and other relevant qualification/certification
- Experience : 3-5 years
Knowledge Required:
- Strong knowledge of information security concepts, risk and controls concepts. Strong understanding of security principals: audit, policies, guidelines, and compliance.
- Good understanding of infrastructure (data centre, network end user computing) security / cloud security / managed security services / security operations centre / compliance risk management and ITGC controls
- Good understanding of technical security like network security, operating system, encryption, use of tools and technologies for various processes like logical access control, network security, security monitoring etc.
- Sound knowledge of Internal Controls and Compliance. Must be able to recommend controls around people, process, and technology.
- Sound knowledge on IT controls (especially IT risks). Good experience with control assessment, check the effectiveness of the implemented controls and recommend mitigation / improvements.
- Good knowledge on Privacy, Governance and reporting
- Experience with the Microsoft Office suite of products (i.e. Word, Excel, PowerPoint, Visio, etc.),
- Strong verbal and written communication skills Knowledge / experience in fields of ITGC audits, Internal Audit, External Audit / Statutory Audit projects
- Candidates should exhibit good client service skill collateral's with a strong focus on building relationships.
Additional Responsibilities:
- Ability to assist in value-creating strategies and models that enable clients to innovate, drive growth and increase their business profitability
- Good knowledge on software configuration management systems and license Management systems
- Awareness of latest technologies and Industry trends
- Logical thinking and problem solving skills along with an ability to collaborate
- Understanding of the financial processes for various types of projects and the various pricing models available
- Ability to assess the current processes, identify improvement areas and suggest the technology solutions
- One or two industry domain knowledge
- Client Interfacing skills
- Project and Team management
IT services provider based out of the US
Job description- Information Security(Financial)
Roles and Responsibilities
HTC Global Security Delivery Centre will provide a professional opportunity to work in a dynamic environment where you will have the ability to develop process and Cyber security based skills
Work profile of individual
- As part of the companyC Global cyber security consulting team, individual’s primary role would be to be a part of ISO 27k projects IT audits, ITGC audits, SSAE, SOC audits, IT Process Audit, Systems Audit, Gap assessment TPRM, GDPR, Infosec, GRC , ISMS, Cyber Security, SOX ITGC on customer engagements
- Will address all aspects of security like physical, logical, data, access etc and review Information Security policy and suggest / recommend necessary changes to the same on customer engagements
- Will be an active participant in internal / third party system security reviews and audits on customer engagements.
- Will perform internal audits on all aspects of IT and ensure compliance with the prescribed security norms on customer engagements and will be responsible for tracking the open audit findings and closure of the same
- Will be able to manage document tracking and updating - policies, processes, procedures, templates etc.
- Will assist in developing proposals by owning parts of the proposal document and by giving inputs in solution design based on areas of expertise.
- Will demonstrate ability to clearly and concisely communicate the privacy implications of technology and implementation.
Team work
- Individual would be responsible for contributing to a strong team environment and promoting a positive working relationship with their colleagues.
- Individual would predominately work with off-shore engagement teams and relevant HTC Territory teams on presale and cyber security delivery.
- Communication, written and verbal, with these teams would be expected.
- Team members would be required to apply learning from trainings and on the job experience to work requests and support continuous process improvement.
- Team members would be required to handle multiple tasks at the same time.
- Detailed focus when performing work and good project management skills when managing workload and maintaining timelines will be necessary.
Desired Candidate Profile
- Bachelors
- Certifications (ISO 27001/ ISO 31000/ or equivalent and other relevant qualification/certification
- Experience : 3-5 years
Knowledge Required:
- Strong knowledge of information security concepts, risk and controls concepts. Strong understanding of security principals: audit, policies, guidelines, and compliance.
- Understanding of infrastructure (data centre, network end user computing) security / cloud security / managed security services / security operations centre / compliance risk management and ITGC controls
- Sound knowledge of Internal financial Controls and Compliance. Must be able to recommend controls around people, process, and technology.
- Sound knowledge of General Leger / Balance Sheet / Journal Entry / Budgeting / Financial fraud
- Sound knowledge on business controls and process controls. Good experience with control assessment, check the effectiveness of the implemented controls and recommend mitigation / improvements.
- Experience with the Microsoft Office suite of products (i.e. Word, Excel, PowerPoint, Visio, etc.),
- Strong verbal and written communication skills Knowledge / experience in fields of ITGC audits, Internal Audit, External Audit / Statutory Audit projects
- Candidates should exhibit good client service skill collateral's with a strong focus on building relationships.
Additional Responsibilities:
- Ability to develop value-creating strategies and models that enable clients to innovate, drive growth and increase their business profitability
- Good knowledge on software configuration management systems and license Management systems
- Awareness of latest technologies and Industry trends
- Logical thinking and problem solving skills along with an ability to collaborate
- Understanding of the financial processes for various types of projects and the various pricing models available
- Ability to assess the current processes, identify improvement areas and suggest the technology solutions
- One or two industry domain knowledge
- Client Interfacing skills
- Project and Team management
A Predictive analytics organization with well funded
What The Role Is
We are looking for an GRC Operations Officer based in Chennai. This is a new role within the growing IT Compliance function, where you will be responsible for handling audits, implementation of information security policies etc,. The successful candidate will be comfortable working with the team on implementing frameworks and providing support for internal and external stakeholders. Reporting to the IT Compliance Officer for our Chennai team, this role is integral to the successful growth of the team as well as wider company performance.
What You’ll Do
- Contribute and assist with continuous improvement of company policies, practices, and procedures
- Review, modify and maintain existing practices and policies to reflect our operations and values within specific industry-standard frameworks like ISO and NIST, among others
- Provide support for internal and third-party audits
- Respond to due diligence and TPRM requests from customers and other interested parties.
- Support internal staff with GRC-related questions and topics
- Develop, maintain and execute awareness programs
- Be a local representative of the company’s GRC group and manage the physical security requirements for the location
- Work independently and prioritize multiple tasks and adapt to needed changes
- Effectively communicate risks to diverse audiences, both in writing and verbally
- Apply a risk-based approach to planning, executing, and reporting on audit engagements and auditing process;
What You’ll Bring
- 2-5 years IT Security, IT risk, IT auditing, and/or IT Compliance experience within a technology company, accounting firm, or others.
- Bachelor's degree or equivalent work experience working in compliance/GRC team.
- Exceptional organisational skills and attention to details.
- Knowledge of applicable domestic and internationally recognized information security management, governance, and compliance principles, practices, laws, rules and regulations;
- Information systems auditing, monitoring, controlling, and assessment process.
Perks & Benefits:
- Competitive base salary
- Equity - every employee is a stakeholder in our enormous upside
- A tech-first company culture driven by entrepreneurial thinking and talent
- A great team working in unison towards the same mission
- Transparency is what our product is built on—and so is our culture
- Generous health insurance benefits for employees and their dependents
- Parental leave.
- Flexible work schedule and work-from-home options
- Flexible PTO
- Work effectively as a team member, share responsibility, provide support, maintain communication and update senior team members on progress of tasks
- Conduct research and assist senior team members in preparing client presentations and information memorandums
- Continuously strive towards exceeding client & team expectations and work on increasingly complex assignments
- Develop and maintain productive working relationships with client/onsite personnel
- Understand and analyse the requirements of the project
- Prepare project documentation and procedures
- Ensuring adherence to software development life cycle while working on projects
- Assist in development / testing of SAP GRC / security solutions
- Ensure on-time delivery of allocated tasks
- Ensuring adherence to quality protocols specified for the project
- Get cross-trained on other technologies / solutions as needed
- Inculcate positive learning attitude and the zeal to upskill as well as cross-skill
- Foster teamwork and quality culture
- Understand and follow workplace policies and procedures
- Participating in the organization-wide people initiatives
- Maintain an educational program to continuously upskill
- Requirements (including experience, skills and additional qualifications)
- Knowledge and Skills Requirements (mandatory):
- Good written and verbal communication skills is a must
- Should have experience in at least 1-2 end to end implementation projects
- Rich experience in configuring and testing SAP security architecture for multiple applications like ECC, BW, SRM, Portal, S4HANA, Fiori, BPC and Success Factors
- Should have worked on configuring S4HANA and Fiori security with good understanding of App types, catalogues, groups, OData services
- Experienced in hands on configuration for setting up task profiles, data access profiles and BW authorizations
- Experience on troubleshooting access issues related to transactions, apps, queries/reports and BPC tools like analysis for office etc.
- Should have worked on success factors role-based permission framework with good understanding of permission groups and permission roles
- Understanding of SAP security processes, architecture and administration
- Hands on experience in configuration of SAP GRC access controls (access request management, business role management, emergency access management, access risk analysis, user access review and SoD review)
- Should have worked on the pre-installation and post installation steps, syncs, connectors, rule building and MSMP workflows
- Should have worked on ARA component with an understanding of the ruleset and mitigation controls
- Strong understanding of the basic SAP landscape, transports system and version compatibility concepts
- Understanding of business processes, controls frameworks, compliances and regulations, and segregation of duty concepts in an SAP ERP environment