GRC Analyst/ Senior GRC Analyst (Governance, Risk and Compliance)

Should not apply: Applicants with AML experience and Banking compliance experience

Can Apply: Applicants with Risk and compliance experience in IT industry, IT product, FinTech

Position Summary:

Governance, Risk & Compliance role is one of the critical function of Alacriti Technology Solutions Pvt. Ltd., which assists business areas in identifying and evaluating their key operational risks and controls and recommending enhancements to their controls - where appropriate.

As an Risk and Compliance Analyst (or) Senior Risk & Compliance Analyst, you will assist Alacriti business areas in identifying and evaluating key operational risks and controls through risk-based control assessments. This includes documenting and testing key controls, analyzing exceptions, and providing recommendations for proposed control enhancements.

Role & responsibilities

• Managing PCI DSS, HIPAA & SOC certification life cycle and client communication with this regard
• Managing the Notification process including Incidents
• Responding to clients security questionnaire
• Ensuring compliance across organization through JIRA ticketing system as one of the mode.
• Managing the compliance document repository including Certifications, Policies and Procedures
• Working experience in Risk Management 
• Good Understanding of NIST frameworks including 800-53, 800-30
• Managing the audits including Secure SDLC audits
• Perform risk assessments, related to both operational and compliance risk by Facilitating open/direct discussions with business areas to identify key risks within the control environment
• Capture information from the business area in order to create documentation of the business areas key operational and/or compliance processes, risks, and controls
• Evaluate the design and test the operating effectiveness of key controls identified and provide control enhancement recommendations as appropriate
• Prepare presentations for executive management, committees, and other stakeholders to discuss identified risks and opportunities for improvement to the control environment
• Contribute to other risk management activities, which may include exception monitoring and tracking, vendor viability assessments, and other special projects as needed
• Assist in Planning and executing timely Audits
• Maintain required documentation as per compliance.
• Conduct Security Trainings, Release security guidelines to different stake holders from time to time.

Preferred candidate profile

• MBA-IT/Information Security as the educational requirement along with BE/B.Tech
• Experience in FinTech Product based company is added advantage
• Experience in PCI DSS, HIPAA & System and Organizational Controls [SOC] implementation
• Experience in internal audit function

Perks and benefits

On par with Industry starndards