Senior GRC Analyst

We are seeking a Senior GRC Analyst to join our InfoSec & Risk team. The role involves strengthening governance, ensuring regulatory compliance, and managing risk/security controls across the organization.The ideal candidate will have prior experience in fintech payments, BFSI, or consulting firms, working with

clients similar to MobiKwik.

Key Responsibilities

• Policy & Governance

Review and update IT & InfoSec policies; coordinate board approvals.

Support development and implementation of security policies, procedures, and frameworks.

Track regulatory requirements and ensure ongoing compliance.

• Risk Management

Conduct Business Impact Assessments (BIA) for new businesses/apps.

Perform periodic IT asset risk assessments (RA/RT) and recommend mitigations.

Monitor exception management, control reviews, and closure of findings.

• Security Projects & Controls

Manage projects for implementing new security controls.

Evaluate vendors and internal tools from a data security perspective.

Support BCP updates & drills, including phishing simulations.

• Audit & Compliance

Facilitate and manage regulatory & compliance audits (RBI/ReBIT, PPI, ISNP & CIS, PCI DSS, ISO 27k, NPCI, partner banks).

Handle certification renewals and ensure timely closure of audit findings.

Liaise with auditors, control owners, and stakeholders for audit readiness.

• Awareness & Training

Foster a culture of compliance and risk awareness across the organization.

Conduct training sessions on GRC, risk, and compliance topics.

• Incident & Reporting

Provide governance reporting to senior management.

Support incident response and coordinate with relevant stakeholders.

Qualifications

• Bachelors degree in Information Security, Computer Science, Business Administration, or related field.
• 47 years of experience in GRC, risk management, or information security.
• Strong knowledge of regulatory and compliance requirements (RBI, PCI-DSS, ISO 27k, etc.).
• Experience conducting risk assessments, BIAs, and security audits.
• Excellent communication, analytical, and problem-solving skills.
• Ability to work independently and in cross-functional teams.
• Exposure to modern application security concepts is preferred.

https://www.linkedin.com/in/igirishgupta/