GRC (InfoSec)

National Payments Corporation of India (NPCI)

8 - 12 years

17 - 25 Lacs

hyderabad

Posted:3 weeks ago| Platform:

Apply

Skills Required

grc cissp it grc network security it governance risk compliance

Work Mode

Work from Office

Job Type

Full Time

Job Description

Develop, review, and maintain internal policies, procedures, and standards across various business functions.
Ensure alignment of internal governance frameworks with organizational objectives and risk appetite.
Conduct internal risk assessments to identify, analyze, and evaluate operational, strategic, financial, and reputational risks
Develop and implement risk mitigation strategies and controls, focusing on areas not directly driven by external regulations (e.g., internal process failures, data integrity, operational inefficiencies).
Monitor and report on key risk indicators (KRIs) and risk trends, maintain and update internal risk registers
Collaborate with various departments to embed risk awareness and management practices into their daily operations.
Design, implement, and monitor internal control frameworks to ensure adherence to company policies and internal standards.
Conduct internal audits and reviews to assess the effectiveness of controls and identify areas for improvement.
Prepare clear and concise reports, dashboards, and presentations for management on the status of internal governance, risk, and control activities.
Communicate effectively with stakeholders across all levels of the organization regarding GRC matters.
Identify opportunities to streamline GRC processes and enhance efficiency through automation or process re engineering.
Stay informed about industry best practices in internal governance and risk management.
Thoroughly review of all incoming information security requests (e.g., user access, system configuration changes, firewall rules creation/modifications, software installations, data access, third-party system integrations).
Review and approve access requests to sensitive systems, applications, and data and validate justifications, roles, and least-privilege principles prior to approval.
Identify and assess security risks and develop mitigation strategies.
Conduct preliminary risk assessments for requests that may introduce new vulnerabilities or deviate from standard security practices.
Collaborate with the Information Security team, IT operations, system owners, and business units to understand the business justification for requests and identify appropriate risk mitigation strategies.
Maintain a comprehensive understanding of evolving security threats, vulnerabilities, and regulatory changes to inform approval decisions.
Review and recommend exceptions to security policies and standards, identify and document any residual risks associated with approved exceptions, and ensure that compensating controls are in place for recommended exceptions, documenting the rationale, validity period, and expiration tracking.
Communicate clearly and concisely with requestors, providing detailed explanations for approvals, denials, or requests for additional information.

More Jobs at National Payments Corporation of India (NPCI)

Senior Associate - Settlement & reconciliation

Hyderabad

3 - 7 yrs

INR 5 - 11 Lacs

Senior Java Developer

Hyderabad, Chennai

7.0 - 10.0 yrs

INR 12 - 18 Lacs

DevOps Engineer (Blockchain SRE)

Hyderabad

7.0 - 8.0 yrs

INR 18 - 25 Lacs

Lead/Senior Lead Data Science

Hyderabad, Chennai, Mumbai (All Areas)

7.0 - 12.0 yrs

INR 18 - 25 Lacs

Offensive Security

Hyderabad, Chennai, Mumbai (All Areas)

4.0 - 7.0 yrs

INR 10 - 18 Lacs

Mock Interview

Practice Video Interview with JobPe AI

Start Job-Specific Interview

Start Your Job Search Today

Browse through a variety of job opportunities tailored to your skills and preferences. Filter by location, experience, salary, and more to find your perfect fit.