GRC Specialist

Job Title: GRC Specialist

Location: Bangalore (On-site; full-time)

About Locus : At Locus , we are redefining logistics decision-making with deep-tech solutions that drive efficiency, consistency, and transparency across industries like retail and FMCG/CPG. Founded in 2015 by Nishith Rastog i and Geet Garg , Locus has evolved from a women s safety geo-tracking app into a globally recognized logistics optimization platform .

Our technology has empowered enterprises such as Unilever and Nestl to execute over a billion deliveries across 30+ countries. Guided by our commitment to innovation and sustainable growth, we transform complex supply chains into strategic growth enablers . Join us at Locus and be part of a team shaping the future of global logistics.

Governance Risk and Compliance Specialist (GRC Specialist)

Were looking for a candidate with 2-4 years of relevant experience.

Key Responsibilities:

• Define, implement, and maintain the Information Security Management System (ISMS) and Privacy Information Management System (PIMS).

• Plan and execute periodic risk assessments. Work directly with the business units to facilitate risk assessment and risk management processes.

• Define, Review and Maintain the organizational information security policies, processes, procedures and control framework to ensure it is adequate to address the emerging risks due to changing environment, technology and legal requirements.

• Align customer and internal information security objectives to the ISMS and PIMS.

• Monitor and fulfill client contractual (MSA) information security and privacy obligations.

• Monitor and fulfill legal obligations related to protection of personal information across different jurisdictions like GDPR, CCPA.

• Prepare metrics based periodic reports and dashboards with support from the stakeholder functions for management review.

• Liaise with security vendors, suppliers, service providers and external resources for new security tools for improving security.

• Lead the Information Security audits / assessments / remediation and present key risks to the management.

• Perform the Third party Risk Assessment of Critical Vendors.

• Conduct Information Security and Privacy awareness and training programs for the employees as part of their induction and regular awareness.

• Oversee information security and privacy incident management process for incident reporting, containment, resolution and root cause analysis.

• Plan and coordinate BCP and DR tests.

• Setup guidelines for secure coding practices.

• Recommend security and privacy controls based on people, process and technology approach and industry best practices.

• Identifying solutions or writing automation scripts for solving regular tasks or optimizing processes.

• SOC Monitoring Activities such as. Firewall, Vulnerability, Inspector, Guarduty etc.

• Log Review, Incident Handling Compliance adherence

Qualifications:

• Good understanding of information security compliance requirements like ISO27001, SOC2, CSA STAR and Privacy requirements like BS10012 ISO27701.

• Good understanding of legal obligations towards protection of personal information across different jurisdictions like GDPR, CCPA, etc.

• Experience in creating and auditing security and privacy best practices and implementation of security and privacy principles across organization, to meet business goals along with customer and regulatory requirements.

• Experience implementing security and privacy controls for cloud platforms like AWS, Azure.

• Experienced in solving Audit and Regulatory Issues.

• Experience in auditing MDM, SSO solutions, AWS (Cloud Infra), Firewall, WAF, DLP etc

• Good at solving information security compliance challenges by recommending solutions and best practices.

Join Locus and become part of a visionary team that is redefining logistics through innovation and smart distribution. We provide competitive compensation, comprehensive benefits, and a collaborative environment where your expertise will drive both your growth and that of the organization.

Locus is an equal opportunity employer dedicated to creating a diverse and inclusive workplace.