GRC Specialist

About Company:

Our client is a global technology consulting and digital solutions company that enables enterprises to reimagine business models and accelerate innovation through digital technologies. Powered by more than 84,000 entrepreneurial professionals across more than 30 countries, it caters to over 700 clients with its extensive domain and technology expertise to help drive superior competitive differentiation, customer experiences, and business outcomes.

Job Title: GRC Specialist

Location: (Pan India)-Bangalore (Global village Tech Park) / Hyderabad (Rai Durg) / Mumbai (Powai / Mahape) / Chennai (DLF IT Park) / Pune (Shivajinagar) / Noida (Candor Techspace, Industrial Area) / Gurgaon (Ambience Island, DLF Phase 3) / Kolkata (Merlin Infinite, Salt Lake Electronics Complex)

Experience: 3 to 6 Years

Employment Type: Contract to Hire

Work Mode: Hybrid

Notice Period: Immediate Joiners Only

Job Description:

We are seeking a highly skilled and motivated GRC Specialist. The ideal candidate will be responsible for developing, implementing, and managing governance, risk, and compliance programs to ensure the organization meets regulatory requirements and industry standards. Good Experience in GRC Domain with knowledge of Archer tool to perform the Risk assessment of various Cloud and network-based application. Aware about Risk Mitigation processes/controls, Vulnerability Management, Third party risk management, Vendor risk screening, Cyber risks, Audit Methodology (SOX/ICFR), Network security, DPAT (One trust Tool) and SOC reports. Good Verbal & written Communication skills. Ability to communicate and take calls with client to understand their requirements. Highly customer focused and motivated with willingness to take ownership for their work and ability to work both independently and in a team-oriented environment. Good Knowledge of Archer tool is preferable. Relevant certifications (e.g., ISO 27001 LA, CISA, CRISC, CISSP) are a plus.

Key Responsibilities

1. Work on Risk Assessment, Risk Re-assessment, CAQ, CRE for new applications following the required standards set forth by client.

2. Review Projects and their technical design documents for Information security risks and advise on suitable controls and mitigations at early stages of onboarding an application

3. Work closely with requestors to understand Technology Landscape Infrastructure Cloud and review Client’s information security and related threats and vulnerabilities legal and regulatory requirements.

4. Review and advise on information security risks of vendor offerings, initial vendor screening, IT security contractual clauses, Third party risk management etc..

5. Conduct risk assessment on Applications Network Systems on Archer according to applicable Client policies, Standards and legal regulatory requirements

6. Knowledge of Excel Macros, SQL programming, SAP, Power Bi is desirable but not mandatory.