GRC Analyst-WFO -Kochi

Job Title:

GRC Analyst

Position Summary

As a GRC Analyst, you will play a pivotal role in supporting and enabling Governance, Risk, and

Compliance (GRC) operations across our cybersecurity services. Your primary focus will be to

enhance risk management processes, strengthen compliance frameworks, and support strategic

initiatives that drive the organization’s security posture and business resilience. You will act as a key

collaborator between technical teams, business units, and executive leadership, translating

compliance requirements into actionable plans.

Key Responsibilities

Governance Enablement & Strategy

• Support the design, implementation, and continuous improvement of the organization’s GRC

enablement strategy, covering tooling, workflows, reporting, and process optimization.

• Assist in developing frameworks and controls that align with industry standards (e.g., ISO 27001,

NIST, GDPR, PCI-DSS).

• Help manage the governance structure, including policy lifecycle management, compliance

awareness programs, and control implementation.

Risk Management & Compliance Operations

• Conduct risk assessments, control effectiveness reviews, and gap analyses in coordination with

technical and business stakeholders.

• Assist in managing compliance assessment requests, ensuring effective intake, tracking, and

prioritization of projects.

• Provide hands-on support for coordinating internal and external audit activities and regulatory

compliance reviews.

• Maintain comprehensive compliance dashboards, reports, and metrics to track risk status, control

effectiveness, and compliance posture.

Tooling & Process Improvement

• Assist in the selection, deployment, and management of GRC tools and technologies (e.g., Archer,

ServiceNow GRC, MetricStream) to streamline risk and compliance operations.

• Collaborate with IT and security teams to integrate automated controls and reporting into existing

workflows and systems.

• Identify opportunities for process automation, efficiency gains, and proactive risk identification.

Collaboration & Communication

• Partner with IT, Security, Legal, and Business Units to ensure compliance activities align with

business objectives.

• Translate complex compliance and risk findings into clear, actionable insights for technical and non

technical stakeholders.

• Assist in delivering training and awareness programs related to governance and compliance

policies.

Required Qualifications

• 3+ years of experience in GRC, Information Security, IT Risk, or Compliance functions.
• Strong understanding of industry-standard frameworks and regulations (NIST, ISO 27001, GDPR,

PCI-DSS, SOC2).

• Experience working with GRC platforms and tools such as RSA Archer, ServiceNow GRC,

MetricStream, or similar.

• Hands-on experience in risk assessments, compliance audits, and policy implementation.
• Familiarity with cloud environments (AWS, Azure, GCP) and their associated compliance challenges.
• Strong analytical skills and a data-driven mindset for decision making.
• Excellent written and verbal communication skills, with the ability to articulate technical concepts

to business audiences.

Preferred Qualifications

• Certifications such as CISA, CISM, CISSP, CRISC, or PMP.
• Experience in automating compliance processes within DevSecOps pipelines.
• Solid understanding of IT and security control frameworks (CIS Controls, MITRE ATT&CK).
• Exposure to compliance monitoring of cloud-native environments.
• Experience in regulatory environments (e.g., finance, healthcare, government).

Professional Attributes We Value

• Strong problem-solving skills and attention to detail
• Ability to operate independently in a fast-paced environment
• Strategic thinker with a continuous improvement mindset
• Collaborative approach, building trust with cross-functional teams
• Passion for keeping up-to-date with emerging cybersecurity and compliance trends

As a GRC Analyst in our cybersecurity services team, you will have the opportunity to influence risk

based decisions, improve compliance maturity, and protect our clients’ critical assets from regulatory

and security risks. If you are driven by governance excellence and have a solid technical

understanding of cybersecurity controls, we encourage you to apply.

Job Types: Full-time, Permanent

Pay: From ₹500,000.00 per year

Benefits:

• Health insurance
• Provident Fund

Work Location: In person