5+ GRC Jobs in Bangalore (Bengaluru) | GRC Job openings in Bangalore (Bengaluru)
Apply to 5+ GRC Jobs in Bangalore (Bengaluru) on CutShort.io. Explore the latest GRC Job opportunities across top companies like Google, Amazon & Adobe.
IT services provider based out of the US
Job description – Information Security (Network)
Roles and Responsibilities
Company will provide a professional opportunity to work in a dynamic environment where you will have the ability to develop process and Cyber security based skills
Work profile of individual
- As part of the company cyber security consulting team, individual’s primary role would be to work with ISO 27k projects IT audits, ITGC audits, SSAE, SOC audits, IT Process Audit, Systems Audit, Gap assessment TPRM, GDPR, Infosec, GRC , ISMS , Cyber Security, SOX ITGC on customer engagements
- Will address all aspects of security like physical, logical, data, access etc and review Information Security policy and suggest / recommend necessary changes to the same on customer engagements
- Will be an active participant in internal / third party system security reviews and audits on customer engagements
- Will perform internal audits on all aspects of IT and ensure compliance with the prescribed security norms on customer engagements and will be responsible for tracking the open audit findings and closure of the same
- Will be responsible for implementation of new projects under Information Security Domain
- Will be able to manage document tracking and updating - policies, processes, procedures, templates etc.
- Will assist in development of proposals by owning parts of the proposal document and by giving inputs in solution design based on areas of expertise.
- Will engage with clients and(or) application development teams for implementation of cyber security & data privacy by design and data protection controls.
- Will support the clients with ongoing design, implementation and maintenance of the data privacy framework for managing data protection risk including responding to legislation, devising and owning policies and training.
- Will demonstrate ability to clearly and concisely communicate the privacy implications of technology and implementation.
Team work
- Individual would be responsible for contributing to a strong team environment and promoting a positive working relationship with their colleagues.
- Individual would predominately work with off-shore engagement teams and relevant teams on presale and cyber security delivery.
- Communication, written and verbal, with these teams would be expected.
- Team members would be required to apply learning from trainings and on the job experience to work requests and support continuous process improvement.
- Team members would be required to handle multiple tasks at the same time.
- Detailed focus when performing work and good project management skills when managing workload and maintaining timelines will be necessary.
Desired Candidate Profile
- Bachelors
- Certifications (ISO 27001/ ISO 31000/ CISA/ CISSP/ CSX or equivalent and other relevant qualification/certification
- Experience : 3-5 years
Knowledge Required:
- Strong knowledge of information security concepts, risk and controls concepts. Strong understanding of security principals: audit, policies, guidelines, and compliance.
- Good understanding of infrastructure (data centre, network end user computing) security / cloud security / managed security services / security operations centre / compliance risk management and ITGC controls
- Good understanding of technical security like network security, operating system, encryption, use of tools and technologies for various processes like logical access control, network security, security monitoring etc.
- Sound knowledge of Internal Controls and Compliance. Must be able to recommend controls around people, process, and technology.
- Sound knowledge on IT controls (especially IT risks). Good experience with control assessment, check the effectiveness of the implemented controls and recommend mitigation / improvements.
- Good knowledge on Privacy, Governance and reporting
- Experience with the Microsoft Office suite of products (i.e. Word, Excel, PowerPoint, Visio, etc.),
- Strong verbal and written communication skills Knowledge / experience in fields of ITGC audits, Internal Audit, External Audit / Statutory Audit projects
- Candidates should exhibit good client service skill collateral's with a strong focus on building relationships.
Additional Responsibilities:
- Ability to assist in value-creating strategies and models that enable clients to innovate, drive growth and increase their business profitability
- Good knowledge on software configuration management systems and license Management systems
- Awareness of latest technologies and Industry trends
- Logical thinking and problem solving skills along with an ability to collaborate
- Understanding of the financial processes for various types of projects and the various pricing models available
- Ability to assess the current processes, identify improvement areas and suggest the technology solutions
- One or two industry domain knowledge
- Client Interfacing skills
- Project and Team management
IT services provider based out of the US
Job description- Information Security(Financial)
Roles and Responsibilities
HTC Global Security Delivery Centre will provide a professional opportunity to work in a dynamic environment where you will have the ability to develop process and Cyber security based skills
Work profile of individual
- As part of the companyC Global cyber security consulting team, individual’s primary role would be to be a part of ISO 27k projects IT audits, ITGC audits, SSAE, SOC audits, IT Process Audit, Systems Audit, Gap assessment TPRM, GDPR, Infosec, GRC , ISMS, Cyber Security, SOX ITGC on customer engagements
- Will address all aspects of security like physical, logical, data, access etc and review Information Security policy and suggest / recommend necessary changes to the same on customer engagements
- Will be an active participant in internal / third party system security reviews and audits on customer engagements.
- Will perform internal audits on all aspects of IT and ensure compliance with the prescribed security norms on customer engagements and will be responsible for tracking the open audit findings and closure of the same
- Will be able to manage document tracking and updating - policies, processes, procedures, templates etc.
- Will assist in developing proposals by owning parts of the proposal document and by giving inputs in solution design based on areas of expertise.
- Will demonstrate ability to clearly and concisely communicate the privacy implications of technology and implementation.
Team work
- Individual would be responsible for contributing to a strong team environment and promoting a positive working relationship with their colleagues.
- Individual would predominately work with off-shore engagement teams and relevant HTC Territory teams on presale and cyber security delivery.
- Communication, written and verbal, with these teams would be expected.
- Team members would be required to apply learning from trainings and on the job experience to work requests and support continuous process improvement.
- Team members would be required to handle multiple tasks at the same time.
- Detailed focus when performing work and good project management skills when managing workload and maintaining timelines will be necessary.
Desired Candidate Profile
- Bachelors
- Certifications (ISO 27001/ ISO 31000/ or equivalent and other relevant qualification/certification
- Experience : 3-5 years
Knowledge Required:
- Strong knowledge of information security concepts, risk and controls concepts. Strong understanding of security principals: audit, policies, guidelines, and compliance.
- Understanding of infrastructure (data centre, network end user computing) security / cloud security / managed security services / security operations centre / compliance risk management and ITGC controls
- Sound knowledge of Internal financial Controls and Compliance. Must be able to recommend controls around people, process, and technology.
- Sound knowledge of General Leger / Balance Sheet / Journal Entry / Budgeting / Financial fraud
- Sound knowledge on business controls and process controls. Good experience with control assessment, check the effectiveness of the implemented controls and recommend mitigation / improvements.
- Experience with the Microsoft Office suite of products (i.e. Word, Excel, PowerPoint, Visio, etc.),
- Strong verbal and written communication skills Knowledge / experience in fields of ITGC audits, Internal Audit, External Audit / Statutory Audit projects
- Candidates should exhibit good client service skill collateral's with a strong focus on building relationships.
Additional Responsibilities:
- Ability to develop value-creating strategies and models that enable clients to innovate, drive growth and increase their business profitability
- Good knowledge on software configuration management systems and license Management systems
- Awareness of latest technologies and Industry trends
- Logical thinking and problem solving skills along with an ability to collaborate
- Understanding of the financial processes for various types of projects and the various pricing models available
- Ability to assess the current processes, identify improvement areas and suggest the technology solutions
- One or two industry domain knowledge
- Client Interfacing skills
- Project and Team management
- Work effectively as a team member, share responsibility, provide support, maintain communication and update senior team members on progress of tasks
- Conduct research and assist senior team members in preparing client presentations and information memorandums
- Continuously strive towards exceeding client & team expectations and work on increasingly complex assignments
- Develop and maintain productive working relationships with client/onsite personnel
- Understand and analyse the requirements of the project
- Prepare project documentation and procedures
- Ensuring adherence to software development life cycle while working on projects
- Assist in development / testing of SAP GRC / security solutions
- Ensure on-time delivery of allocated tasks
- Ensuring adherence to quality protocols specified for the project
- Get cross-trained on other technologies / solutions as needed
- Inculcate positive learning attitude and the zeal to upskill as well as cross-skill
- Foster teamwork and quality culture
- Understand and follow workplace policies and procedures
- Participating in the organization-wide people initiatives
- Maintain an educational program to continuously upskill
- Requirements (including experience, skills and additional qualifications)
- Knowledge and Skills Requirements (mandatory):
- Good written and verbal communication skills is a must
- Should have experience in at least 1-2 end to end implementation projects
- Rich experience in configuring and testing SAP security architecture for multiple applications like ECC, BW, SRM, Portal, S4HANA, Fiori, BPC and Success Factors
- Should have worked on configuring S4HANA and Fiori security with good understanding of App types, catalogues, groups, OData services
- Experienced in hands on configuration for setting up task profiles, data access profiles and BW authorizations
- Experience on troubleshooting access issues related to transactions, apps, queries/reports and BPC tools like analysis for office etc.
- Should have worked on success factors role-based permission framework with good understanding of permission groups and permission roles
- Understanding of SAP security processes, architecture and administration
- Hands on experience in configuration of SAP GRC access controls (access request management, business role management, emergency access management, access risk analysis, user access review and SoD review)
- Should have worked on the pre-installation and post installation steps, syncs, connectors, rule building and MSMP workflows
- Should have worked on ARA component with an understanding of the ruleset and mitigation controls
- Strong understanding of the basic SAP landscape, transports system and version compatibility concepts
- Understanding of business processes, controls frameworks, compliances and regulations, and segregation of duty concepts in an SAP ERP environment