Job
Description
Role Overview: As a Principal Analyst - Information Security - GRC at FC Global Services India LLP, you will play a key role in shaping, executing, and maturing cyber risk programs while ensuring operational excellence and alignment to enterprise objectives. You will be serving as a strategic partner to US counterparts, driving a targeted cyber risk assessment program, and ensuring compliance with regulatory frameworks. Key Responsibilities: - Design, build, and pilot a targeted cyber risk assessment program to proactively identify, measure, and address emerging risks. - Elevate the quality, clarity, and consistency of policy, standard, and procedure documentation in alignment with corporate governance frameworks. - Drive corporate and industry regulatory mapping to ensure full traceability and compliance across frameworks such as NIST, ISO, FFIEC, and RBI. - Execute regulatory compliance initiatives, including performing change management impact assessments, developing remediation plans, and tracking closure while liaising with business and Compliance. - Conduct comprehensive end-to-end cyber risk assessments across compliance, technical, and operational areas, factoring in industry best practices, identify and escalate risks, and clearly document outcomes. - Evaluate the effectiveness of controls, identify gaps, assess risk impact, and recommend appropriate mitigation strategies aligned with internal standards and industry best practices. Qualifications Required: - Strategic mindset with the ability to see the big picture while delivering tactical outcomes. - Deep knowledge of cybersecurity risk, controls, policy, and documentation standards within a highly regulated environment. - Expertise in building forward-looking, resilient, and scalable programs grounded in market awareness and business alignment. - Strong leadership presence with a passion for developing talent, building inclusive teams, and driving organizational growth. - Demonstrated strong technical aptitude across a broad range of cyber domains including encryption, IAM, cloud security, network security, and vulnerability management. - Bachelor's degree in information security, Risk Management, Business Administration, or related field; Masters degree preferred. - Minimum 12 years of experience in cybersecurity, governance, risk, or compliance and project/program management with good leadership skills. - Experience in the financial services sector strongly preferred. - Strong working knowledge of key regulatory frameworks and standards such as NIST, ISO 27001, RBI, FFIEC, with the ability to interpret, apply, and align them to risk management efforts. - Proven ability to analyze, report, and communicate complex risks and data to senior leadership and executive stakeholders. - Hold relevant security certifications such as CISSP, CISM, or equivalent. (Note: Any additional details of the company not provided in the job description.),
