GRC Analyst

Position: GRC Analyst

Organisation:NuSummit Cybersecurity

earlier known as Aujas CyberSecurity

Locations:Mumbai- BKC- WFO only

Experience: 3-4Years

Budget:10LPA

Joining time: immediate to 30 days

Work Mode:

Cyber Assurance Auditee (L2)

Key Responsibilities:

-Assist in maintaining and improving the Information Security Management System (ISMS).

-Support ISO 27001 2022 audits, track non-conformities, and ensure timely closure.

-Manage, monitor, and coordinate VAPT findings across infrastructure, applications, and networks.

-Interpret, implement, and ensure compliance with SEBI and other regulatory cybersecurity guidelines.

-Prepare and submit compliance reports and maintain audit documentation.

-Provide evidence and track audit findings to closure for internal, external, and regulatory audits.

-Define and document the scope for VAPT, Application Security (AppSec), Configuration Audits (CA), and other security assessments.

-Maintain a comprehensive asset inventory to ensure proper scoping of security assessments.

-Monitor adherence to organisational cybersecurity policies and standards.

-Develop dashboards and reports using Microsoft Excel & PowerPoint.

Required Skills & Qualifications:

-Bachelor's degree in Computer Science, Information Security, or a related field.

-3-4 years of experience in cybersecurity assurance, audit, or compliance roles.

-Strong knowledge of ISO 27001, SEBI cybersecurity guidelines, and IT audit frameworks.

-Hands-on experience in VAPT coordination, tracking, and closure.

-Proficiency in Microsoft Excel for data analysis and reporting.

-Strong analytical, problem-solving, and documentation skills.

-Excellent communication and collaboration abilities.

-Ability to work independently and cross-functionally with teams.

Preferred Certifications:

ISO 27001 Lead Auditor / Implementer

CEH (Certified Ethical Hacker)

Candidates must have technical experience or knowledge on below:

נAccess management

נAsset Management

נIncident Management

נBCP/DR

נFirewall security checks

נPatch management

נChange Management

נTypes and methodologies of risk assessment

נServer onboarding, offboarding

נData security controls

נEmail security controls

נDLP, SIEM, EDR, AV, PIM, PAM, IAM concepts and working

נCloud fundamentals like SAAS, IAAS, PAAS, Buckets, Key management, etc

נPrivacy concepts (as we are moving towards DPDPA)

נActive Directory access checks

Share Ur latest CV with details like-

1. Ctc

2. Expectation

3. Notice period

4. Current location

Regards,

Rajesh Kumar

AAYAM CONSULTANTS

Cell: - 9311232179/ 7011595674

Email ID: - [HIDDEN TEXT]