Information Security GRC Analyst - II

Job Description

Why Choose Bottomline? Are you ready to transform the way businesses pay and get paid? Bottomline is a global leader in business payments and cash management, with over 35 years of experience and moving more than $16 trillion in payments annually. Were looking for passionate individuals to join our team and help drive impactful results for our customers. If youre dedicated to delighting customers and promoting growth and innovation - we want you on our team! The Role We are looking for a dynamic and innovative Information Security GRC Analyst to join our team in Bangalore. Job Summary This role reports to the Information Security Governance, Risk and Compliance (GRC) Manager and will work across all the product and technology teams to strengthen and enforce Bottomline s information security posture. As the Information Security GRC consultant, you will be responsible for building trust and confidence among our clients on the information security posture. This role also involves working closely with stakeholders to ensure adherence to regulatory requirements and security frameworks (e.g., SWIFT, NACHA, PCI, NIST, GLBA). How you ll contribute Governance - work with key stakeholders to develop, implement and enhance the information security policies, standards and processes in alignment with regulatory requirements and security frameworks (e.g., SWIFT, NACHA, PCI, NIST, GLBA). Execute governance routines and reporting to ensure compliance with required policies and standards. Risk Management - build and maintain a control library for enterprise-wide controls and product specific controls. Maintain the risk register (issues and risk acceptances) to ensure effective tracking, prioritization and reporting of risks. Process risk acceptances to ensure they are appropriately rated with sufficient mitigating controls. Compliance - Coordinate assessments to ensure compliance with applicable regulations and industry requirements (e.g., SWIFT, NACHA, PCI, NIST, GLBA). Client Support - Gather, assess and present the information security posture to customer (i.e., completion of request for information, contract language reviews, completion of due diligence questionnaires etc.). Education and Awareness - develop and deliver information security awareness and training If you have the attributes, skills, and experience listed below, we want to hear from you. Bachelor s degree in risk management, cybersecurity, technology or equivalent Preferred Experience & Qualifications Cyber or risk management certifications Understanding and knowledge of cyber regulatory and industry frameworks (i.e., SWIFT, NACHA, PCI, NIST, GLBA) We welcome talent at all career stages and are dedicated to understanding and supporting additional needs. Were proud to be an equal opportunity employer, committed to creating an inclusive and open environment for everyone.