Home
Communities
Companies
- Companies
  
  Discover best places to work
- Compare Companies
  
  Compare & find best workplace
- Add Office Photos
  
  Bring your workplace to life
- Add Company Benefits
  
  Highlight your company's perks
Reviews
- Company reviews
  
  Read reviews for 6L+ companies
- Write a review
  
  Rate your former or current company
Salaries
- Browse salaries
  
  Discover salaries for 6L+ companies
- Salary calculator
  
  Calculate your take home salary
- Are you paid fairly?
  
  Check your market value
- Share your salary
  
  Help other jobseekers
Interviews
- Company interviews
  
  Read interviews for 40K+ companies
- Campus placements
  
  Interviews questions for 1K+ colleges
- Share interview questions
  
  Contribute your interview questions
Jobs
Awards

WINNERS AWAITED!
- ABECA 2025
  
  WINNERS AWAITED!
  
  AmbitionBox Employee Choice Awards - 4th Edition
- ABECA 2024
  
  AmbitionBox Employee Choice Awards - 3rd Edition
- AmbitionBox Best Places to Work 2022
  
  2nd Edition
- AmbitionBox Best Places to Work 2021
  
  1st Edition

Add office photos

Employer? Claim Account for FREE

Druva

Compare

3.6

based on 83 Reviews

20 Druva Jobs

Senior GRC Analyst

Druva Inc.

3.6

based on 83 Reviews

4-8 years

Pune

1 vacancy

Senior GRC Analyst

Druva

posted 20d ago

Job Role Insights

Flexible timing

Key skills for the job

Computer Networking Legal Advisory Windows System Administration Risk Management Information Security Database Administration

+ 3 more

Job Description

About Druva

Druva, the autonomous data security company, puts data security on autopilot with a 100% SaaS, fully managed platform to secure and recover data from all threats. The Druva Data Security Cloud ensures the availability, confidentiality, and fidelity of data - providing customers with autonomous protection, rapid incident response, and guaranteed data recovery. The company is trusted by its more than 6,000 customers, including 65 of the Fortune 500, to defend business data in today s ever-connected world. Amidst a rapidly evolving security landscape, Druva offers a $10 million Data Resiliency Guarantee ensuring customer data is protected and secured against every cyber threat.

We are seeking a Federal GRC Analyst to join our team. The candidate will be responsible for managing the POAM (Plan of Actions and Milestones) process, working with Federal agencies, analyzing vulnerability, application, web, and database scans for multiple environments, and providing support for compliance with the FedRAMP program. The candidate should have experience in building and maintaining network architecture diagrams, data flow diagrams, System Security Plans, Ports, Protocols, and Services Management (PPSM) documentation. The role requires knowledge of NIST Risk Management Framework (RMF), FedRAMP High, Moderate,baselines. Familiarity with StateRAMP and TX-RAMP is also a plus.

Primary Responsibilities

Manage the POAM process, including creating, tracking, and reporting on POAM items
Work with Federal agencies to address security concerns and ensure compliance with FedRAMP requirements
Analyse vulnerability scans to identify security risks and recommend remediation actions
Provide support for compliance with FedRAMP program requirements, including conducting security assessments and preparing security documentation
Maintain and update a System Security Plan
Collect and maintain artifacts used and needed for FedRAMP annual assessment
Collaborate with third-party assessment organisation (3PAO) for assessments
Stay up-to-date on changes to regulations and standards related to federal compliance and security
Work cross-functionally with engineering, product, advisory, legal, and sales teams to provide customer and stakeholder support

Qualifications & Skills

Education and Training:

Degree in Computer Science or equivalent
Understanding of multiple technology domains including Cloud, Software Development, MS Windows, Database management, Networking, and UNIX (preferred).
Understanding of information security standards, best practices for securing computer systems, and applicable laws and regulations.

Technical or Professional Experience:

Total of 8+ years with a minimum of relevant experience
2+ years experience in federal compliance and governance, including experience with FedRAMP, NIST, FISMA and other relevant regulations and standards
Progressive achievement in one or more of the traditional IT disciplines (applications, operations, infrastructure, and management).
Experience with SaaS Cloud Operations required.
Familiarity with AWS GovCloud environment and its related services
Experience in using scanning solutions to gather and review container, database, web application and other vulnerability scans.

Skills Requirements:

Outstanding interpersonal and communications skills; ability to communicate effectively with technical and non-technical audiences.
Strong verbal and written English language competency.
Strong knowledge of information security/Compliance standards(NIST/ISO are examples).
Expert knowledge of internal auditing, internal controls, risk management, and practices and methods.
Comprehensive understanding of internal control environments within the IT function.
Experience with multiple technology domains including aspects of Windows, Unix and/or database administration, software development and networking.
Excellent leadership and teamwork skills.
Proactive, hands-on, detail-oriented and results-driven orientation required.
Ability to produce high quality work products for both the IT groups and Senior Management.