Governance Risk Compliance

Job Title
Governance Risk Compliance

 Responsibilities 
Primary Skills:Experience in IT Risk Management, IT security, IT risk and control encompassing or equivalent ( e.g. IT Risk management,?IT Auditing experience). 2. Solid working knowledge (proven hand -on experience) of Governance, Risk Management and Compliance (GRC) principles, tools and best practices. 3. Working knowledge (understanding and use in practice) of relevant regulations, standards and frameworks:GDPR, ISF Standard of Good Practice, NIST CSF, ISO27001, PCI DSS and similar. 4. IT risk and control workshops?experience (different asset type:services, applications, infrastructure components, etc.). 5. Proven a ability to?explain and educate?stakeholders?on IT Risk related topics. 6. IT related background?(experience in?system and network design, cloud infrastructure, system administration or similar): Ability to read and explain (to non-IT people):technical diagrams (service or application), data flows, technical solution documentation. o Great understanding of core IT processes (e.g.:IT Incident Management, Security Incident Response, IT Problem Management, IT Change Management, IT Resilience, Business Recovery, etc.) 7. Third party risk assessment experience. 8. Experience in IT Risk treatment decision process (IT Risk mitigation plans). 9. ServiceNow GRC (Governance, Risk and Compliance) tooling knowledge. 10. Great soft skills and ability to work under time pressure conditions. 11. Business level fluency in spoken and written English.Secondary Skills:

IT Controls assessment and management skills.

Strong analytical, communication, teamwork and interpersonal skills.

Professional security certification (e.g. CISM, CISA, CRISK, CISSP, ISO 27001 Lead Implementer, ITIL, COBIT, etc.).

Proficient?communication skills and communication?tools knowledge (MS Teams, Outlook)

Good?MS?Excel, MS Word, MS Power Point skills.Good to Have Skills:Job Description:

Be involved in all IT Risk Management lifecycle stages (identification, assessment, response, review, monitoring, retirement, reporting).

Facilitate and conduct Technology Risk Assessments workshops with technology/application service owners (including third parties).

Oversee and administrate Technology Risk Register (ServiceNow).

 Preferred Skills: 
GRC
Risk Management
GRC->Information Security Management
GRC->Risk Assessment
GRC->ISO 20000 Implementation
GRC->ISO 27001 Audit/Implementation
Audit->Information Security Audit->CISA
Tools->Service Now->Service Now-GRC

 Additional Responsibilities: 
Location Pune and Bangalore

 Educational Requirements 
Bachelor of Engineering,Bachelor Of Comp. Applications,Master Of Comp. Applications,BCA,Bachelor Of Computer Science,Intergrated course BCA+MCA

 Service Line 
Cyber Security

* Location of posting is subject to business requirements