Grc Analyst

Job Title: GRC Analyst

Location: Hyderabad, Onsite

Job Overview:We are seeking a detail-oriented and proactive GRC Analyst to join our team. The successful candidate will be responsible for assisting in the development, implementation, and monitoring of governance, risk, and compliance (GRC) programs. The GRC Analyst will help ensure the organization adheres to regulatory standards and industry best practices, while minimizing risks and maximizing operational efficiency.

Key Responsibilities:

• Governance, Risk, and Compliance Management: Support the development and execution of GRC frameworks and processes aligned with regulatory requirements and industry standards.
• Risk Assessment & Management: Assist in identifying, evaluating, and documenting potential risks to the organizations operations, information, and assets.
• Compliance Monitoring: Track and ensure compliance with internal policies, regulatory standards, and external laws such as GDPR, DPDPA, SOC 2, & industry standards ISO 27001, NIST etc and others.
• Audit Support: Help prepare for audits by gathering necessary documentation, conducting internal audits, and addressing audit findings.
• Policy and Procedure Development: Collaborate in creating, reviewing, and updating policies and procedures to align with governance, risk, and compliance requirements.
• Training and Awareness: Provide training and awareness programs for employees on GRC best practices and the organizations compliance requirements.
• Incident Management: Support the investigation of compliance breaches or risk events, help document findings, and assist with corrective actions.
• Reporting: Prepare regular reports on risk and compliance status for senior management, ensuring clear communication of potential issues and mitigation strategies.
• Continuous Improvement: Recommend and assist in implementing improvements to the GRC processes and tools to enhance efficiency and effectiveness.
• Security and Privacy Assurance
• Third-Party Risk Management

Required Qualifications:

• Bachelors degree in Business, Information Technology, Risk Management, or related field.
• 4-6 years of experience in Governance, Risk, and Compliance or related areas.
• Familiarity with GRC frameworks, regulatory requirements (GDPR, DPDPA, SOC 2, & industry standards ISO 27001, NIST etc.), and risk management methodologies.
• Knowledge of industry standards and best practices in risk management, compliance, and security.
• Strong analytical and problem-solving skills.
• Excellent communication skills, both written and verbal.
• Detail-oriented with the ability to handle sensitive and confidential information.
• Knowledge of cybersecurity principles and data privacy laws
• Ability to manage and collaborate with cross-functional teams in product and IT environments.

Preferred Qualifications:

• Professional certifications such as Certified in Risk and Information Systems Control (CRISC), Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), or similar.
• Experience in IT risk management or cybersecurity.
• Ability to work independently and as part of a team.
• Expertise in GDPR and DPDPA Act/Laws