GRC Jobs in Pune

2+ GRC Jobs in Pune | GRC Job openings in Pune

Apply to 2+ GRC Jobs in Pune on CutShort.io. Explore the latest GRC Job opportunities across top companies like Google, Amazon & Adobe.

Principal GRC Specialist

B2B Product

Agency job

via Scaling Theory by Keerthana Prabkharan

Remote, Pune

14 - 20 yrs

₹25L - ₹50L / yr

GRC

EMC RSA Archer

ServiceNow

Implementation

ISO/IEC 27001:2005

+2 more

What will you do?

Governance and Policy Development

· Develop, implement, and maintain governance policies, SOPs, and related documentation.

· Ensure all policies align with industry standards (e.g., FedRAMP, NIST SP 800-53, ISO 27001 family, and HIPAA).

· Monitor policy effectiveness and recommend updates based on organizational changes or regulatory updates.

Risk Management

· Conduct risk assessments to identify vulnerabilities, threats, and compliance gaps.

· Collaborate with cross-functional teams to design and implement remediation strategies.

· Maintain risk registers and monitor mitigation efforts.

Compliance Oversight

· Support the organization in achieving and maintaining FedRAMP certification.

· Manage periodic audits, security assessments, and readiness activities for compliance frameworks.

· Track and report on compliance metrics, audit findings, and resolution status.

Training and Awareness

· Develop and deliver training programs to enhance employee understanding of compliance policies and procedures.

· Act as a point of contact for compliance-related queries within the organization.

Incident Response and Reporting

· Support incident response processes to ensure effective investigation and reporting of compliance-related incidents.

· Collaborate with stakeholders to implement corrective actions and prevent recurrence.

Vendor and Third-Party Risk Management

· Assess third-party vendors for compliance with organizational policies and standards.

· Ensure contracts include appropriate compliance requirements.

What do you bring to the table?

Education & Experience

· Overall 12- 15 years of relevant experience

· Bachelor's degree in Information Technology, Cybersecurity, Risk Management, or related field (Master’s preferred).

· 3+ years of experience in governance, risk, and compliance roles, with specific experience in FedRAMP compliance.

Knowledge & Skills

· Strong understanding of FedRAMP, NIST SP 800-53, ISO 27001, and other relevant frameworks.

· Experience in drafting policies, procedures, and SOPs.

· Familiarity with GRC tools and platforms (e.g., Archer, ServiceNow GRC).

· Excellent communication and documentation skills.

· Analytical mindset with attention to detail.

Certifications (Preferred)

· Certified Information Systems Security Professional (CISSP)

· Certified Information Systems Auditor (CISA)

· Certified Information Security Manager (CISM)

· ISO 27001 Lead or Internal auditor

What will you do?

Governance and Policy Development

· Develop, implement, and maintain governance policies, SOPs, and related documentation.

· Ensure all policies align with industry standards (e.g., FedRAMP, NIST SP 800-53, ISO 27001 family, and HIPAA).

· Monitor policy effectiveness and recommend updates based on organizational changes or regulatory updates.

Risk Management

· Conduct risk assessments to identify vulnerabilities, threats, and compliance gaps.

· Collaborate with cross-functional teams to design and implement remediation strategies.

· Maintain risk registers and monitor mitigation efforts.

Compliance Oversight

· Support the organization in achieving and maintaining FedRAMP certification.

· Manage periodic audits, security assessments, and readiness activities for compliance frameworks.

· Track and report on compliance metrics, audit findings, and resolution status.

Training and Awareness

· Develop and deliver training programs to enhance employee understanding of compliance policies and procedures.

· Act as a point of contact for compliance-related queries within the organization.

Incident Response and Reporting

· Support incident response processes to ensure effective investigation and reporting of compliance-related incidents.

· Collaborate with stakeholders to implement corrective actions and prevent recurrence.

Vendor and Third-Party Risk Management

· Assess third-party vendors for compliance with organizational policies and standards.

· Ensure contracts include appropriate compliance requirements.

What do you bring to the table?

Education & Experience

· Overall 12- 15 years of relevant experience

· Bachelor's degree in Information Technology, Cybersecurity, Risk Management, or related field (Master’s preferred).

· 3+ years of experience in governance, risk, and compliance roles, with specific experience in FedRAMP compliance.

Knowledge & Skills

· Strong understanding of FedRAMP, NIST SP 800-53, ISO 27001, and other relevant frameworks.

· Experience in drafting policies, procedures, and SOPs.

· Familiarity with GRC tools and platforms (e.g., Archer, ServiceNow GRC).

· Excellent communication and documentation skills.

· Analytical mindset with attention to detail.

Certifications (Preferred)

· Certified Information Systems Security Professional (CISSP)

· Certified Information Systems Auditor (CISA)

· Certified Information Security Manager (CISM)

· ISO 27001 Lead or Internal auditor

ServiceNow - GRC/IRM Developer

at Apical Mind

1 video

4 recruiters

Posted by Nidhi Gupta

Remote, Mumbai, Pune

3 - 5 yrs

₹10L - ₹15L / yr

ServiceNow

GRC

IRM

ServiceNow Scripting

ServiceNow APIs

+3 more

Job Description: ServiceNow GRC/ IRM

Requirement:

Design and Implementation: Develop, configure, and implement modules within the ServiceNow IRM application to support risk management processes, including Risk Management, Policy Management, Compliance Management, and Audit Management.
Customization and Integration: Customize ServiceNow solutions to meet business requirements, including the creation of forms, workflows, and reports. Integrate ServiceNow with other applications and platforms to enhance risk visibility and reporting.
Scripting and Development: Utilize JavaScript, ServiceNow APIs, and other programming tools to develop functionalities, including business rules, client scripts, and orchestrations.
Process Improvement: Analyse current risk management processes and recommend solutions for improvement to enhance efficiency and effectiveness.
User Support and Training: Provide ongoing support to users of the IRM module, troubleshoot issues, and conduct training sessions to promote best practices.
Documentation: Create and maintain comprehensive documentation for designs, configurations, and customizations to ensure knowledge sharing and compliance.
Testing and Quality Assurance: Conduct testing of solutions prior to implementation, ensuring reliability and performance, and assist in validating changes with user acceptance testing.

Required Qualifications

Strong knowledge of risk management frameworks and compliance standards (e.g., NIST,

ISO 27001).

Certifications – CIS IRM/GRC Certified

Minimum 3 to 5 years of experience working on ServiceNow GRC or IRM Module as a

developer

Good Now Platform knowledge

Ability to understand the pain points related to Risk, Policy and Audit Management along

with Third Party Risk Management to provide solutions in ServiceNow

Mainline Certifications optional : CIS – Risk & Compliance and

CIS - Third Party Risk Management