Security Advisor

Project Role : Security Advisor
Project Role Description : Provide enterprise-level advice to make organizations cyber resilient. Assist in navigating the complex landscape of cyber threats, ensuring robust digital asset protection while maintaining trust with stakeholders.
Must have skills : Governance Risk Compliance (GRC)
Good to have skills : NA
Minimum 3 year(s) of experience is required
Educational Qualification : 15 years full time education
Summary: The GRC Analyst plays a pivotal role in driving the execution of cybersecurity governance, risk, and compliance programs. The individual is responsible for managing risk assessments, supporting audits, maintaining policy frameworks, and tracking regulatory adherence. Acts as the liaison between technical teams and risk/compliance stakeholders to ensure proper security and compliance hygiene is maintained across the enterprise. Roles & Responsibilities: - Conduct periodic risk assessments and control reviews across business units and IT systems. - Maintain and enhance cybersecurity policy and standards framework aligned to industry standards NIST, ISO 27001, etc. - Facilitate internal and external audits (e.g., ISO, SOC2, SOX), coordinate evidence collection, and track remediation plans. - Monitor regulatory changes and assess their impact on business operations. - Support third-party/vendor risk assessments and due diligence. - Ensure risk exceptions and findings are documented and tracked to closure. - Collaborate with IT and business stakeholders to implement control improvements and reduce risk. - Manage GRC tools (e.g., Archer, ServiceNow GRC) for risk and compliance workflows. - Assist in metrics reporting and executive dashboards for leadership reviews. Professional & Technical Skills: - Strong understanding of cybersecurity controls, frameworks (NIST, ISO, CIS). - Hands-on experience with risk management lifecycle and control assurance. - Good knowledge of regulatory requirements: SOX, GDPR, HIPAA, etc. - Exposure to GRC platforms likeArcher, ServiceNow, OneTrust, etc. Strong documentation and communication skills for audit and stakeholder engagement. - Ability to interpret technical risk into business language. Additional Information: - The candidate should have minimum 3 years of experience in Governance Risk Compliance (GRC). - A 15 years full time education is required. -This position is based at our Bengaluru office.