Jobs
Interviews
Tech Defence Labs logo

Senior GRC Consultant

2 - 6 years

5 - 9 Lacs

mumbai

Posted:None| Platform: Naukri logo

Apply

Skills Required

ticketing linux cisa soc disaster recovery iso 27001 network security windows asset management monitoring

Work Mode

Work from Office

Job Type

Full Time

Job Description

Job Title:

Sr. GRC Consultant

Company:

Techdefence Labs Solutions Ltd.

Location:

Mumbai Ahmedabad

Department:

GRC

Job Type:

Full Time, Onsite

About Techdefence:

Techdefence is a leading cybersecurity solutions provider specializing in offensive and defensive security, AI-powered threat intelligence, and enterprise security frameworks. Our comprehensive services and product portfolio cater to global enterprises, government agencies, and critical infrastructure, ensuring proactive protection against cyber threats.

With a strong RD focus, Techdefence delivers cutting-edge security solutions in the areas of cloud security, network security, application security, penetration testing, SOC solutions, and managed security services. Our expertise in cyber resilience, risk management, and compliance frameworks (ISO 27001, NIST, GDPR, PCI-DSS, etc.) positions us as a trusted partner for organizations worldwide.

Role Overview:


Techdefence Labs is looking a proactive Sr. GRC Analyst who will assess and mitigate risks across on-premise and cloud environments, lead third-party/vendor security evaluations, and ensure compliance with frameworks like ISO 27001, SOC 2, NIST, and GDPR. The role includes managing vulnerability assessments, supporting audits, enhancing security architecture, and driving business continuity, while translating technical risks into clear, actionable recommendations.

Required Qualifications

:


  • This individual s primary day to day responsibilities is mentioned below (but are not limited to these):
  • Plan and conduct end-to-end cybersecurity risk assessments for ICT assets (networks, servers, applications, endpoints, cloud), including threat/vulnerability identification, likelihood/impact analysis, risk scoring, and treatment plans.
  • Lead third-party/vendor risk assessments: due diligence, security questionnaires, evidence reviews, control gap analysis, and ongoing monitoring aligned to ISO 27001 Annex A, SOC 2 trust services criteria, NIST controls, and GDPR requirements.
  • Map assessment findings to GRC frameworks and regulatory requirements; produce compliance-ready reports, risk registers, and executive summaries.
  • Collaborate with IT and engineering on security architecture reviews for networks, servers, and cloud; recommend hardening, segmentation, and secure configuration baselines.
  • Support policy, standard, and procedure development for risk management, vulnerability management, incident response, access control, and asset management.
  • Prepare materials for internal/external audits (ISO 27001, SOC 2) and respond to client security assessments and RFPs.
  • Evaluate and secure cloud environments (AWS, Azure, GCP) by conducting cloud-specific risk assessments, reviewing identity and access management, ensuring workload segmentation, and checking adherence to cloud security posture management best practices.
  • Assess compliance of cloud service providers with frameworks such as ISO 27017/27018, CIS Cloud Benchmarks, and guide the deployment of secure and resilient cloud architectures.
  • Formulation and testing of Business Continuity and Disaster Recovery Plans; identify ICT risks impacting availability and participate in tabletop and failover exercises to ensure preparedness.
  • Evaluate the use of cryptographic protocols and encryption solutions for data at rest, in transit, and in use across enterprise systems and cloud assets.
  • Knowledge of security controls like Authentication, Authorization, Data Security, IAM

Required Qualifications

:

  • Demonstrated experience implementing or assessing against GRC frameworks: ISO/IEC 27001/27002, SOC 2, NIST CSF/800-53/800-171, and GDPR security/privacy controls.
  • Experience with third-party risk management: security questionnaires, SIG/CAIQ or equivalent, due diligence evidence review, and continuous monitoring.
  • Proficiency with vulnerability management tools and VAPT methodologies; ability to interpret CVEs/CVSS and prioritize remediation.
  • Strong documentation and reporting skills with the ability to communicate technical risks to non-technical stakeholders.
  • Understanding of secure configuration benchmarks (e.g., CIS), patching cycles, logging/monitoring fundamentals, and incident response coordination.
  • Mandatory certifications CEH/Security +

Preferred Qualifications:

  • Certifications: CISM, CISA, ISO 27001 Lead Auditor/Lead Implementer.
  • Hands-on exposure to SIEM, EDR, SAST/DAST, cloud security posture management, and container security basics.
  • Tools and Technologies:
  • Vulnerability/VAPT: Nessus, Qualys, OpenVAS, Burp Suite, Nmap, Metasploit.
  • Governance/Risk/Compliance: risk registers, control libraries, SIG/CAIQ, ISO 27001 documentation suites; ticketing for remediation tracking.
  • Infrastructure: Windows/Linux server administration fundamentals, network device configuration review, cloud (AWS/Azure/GCP) security baselines.
  • Monitoring: SIEM/EDR exposure for context during risk assessments and validation of remediation.

More Jobs at Tech Defence Labs

Intern Pre sales Consultant

Ahmedabad

Experience: Not specified

|

Salary: Not disclosed

Associate Project Manager

Ahmedabad

1.0 - 3.0 yrs
|

INR 4 - 7 Lacs

Intern - Business Analyst

Ahmedabad

Experience: Not specified

|

Salary: Not disclosed

Junior Accountant

Ahmedabad

1.0 - 2.0 yrs
|

INR 1 - 2 Lacs

Talent Acquisition Specialist

Ahmedabad

2.0 - 4.0 yrs
|

INR 4 - 6 Lacs

Mock Interview

Practice Video Interview with JobPe AI

Start Job-Specific Interview
cta

Start Your Job Search Today

Browse through a variety of job opportunities tailored to your skills and preferences. Filter by location, experience, salary, and more to find your perfect fit.

Job Application AI Bot

Job Application AI Bot

Apply to 20+ Portals in one click

Download Now

Download the Mobile App

Instantly access job listings, apply easily, and track applications.

Google Play App Store
coding practice

Enhance Your Skills

Practice coding challenges to boost your skills

Start Practicing Now
Tech Defence Labs logo
Tech Defence Labs

Cybersecurity

San Francisco

RecommendedJobs for You

Surtel Technologies logo

Senior GRC Consultant

Surtel Technologies

indore, madhya pradesh

Surtel Technologies logo

Senior GRC Consultant

Surtel Technologies

Indore, Madhya Pradesh, India

Tech Defence Labs logo

Senior GRC Consultant

Tech Defence Labs

mumbai

Ericsson logo

SME Security Risk and Compliance

Ericsson

gurugram

EY logo

GMS-Senior-SIGDEV

EY

bengaluru

ICICI Prudential Life logo

Sr. Manager- II - Cybersecurity SC

ICICI Prudential Life

mumbai

Technical Manager

Alpha Testing Technology

gurugram

Automationedge logo

GRC Consultant

Automationedge

pune

Oracle logo

Consulting Solution Manager - Information Security

Oracle

chennai, bengaluru

Iris Software logo

Information and Cyber Security - Senior Manager

Iris Software

noida