Job Opportunities

GRC Analyst

Job Summary
Plan and execute audits of Information Security Management Systems (ISMS) based on ISO 27001 standards.
Develop audit schedules, conduct opening and closing meetings, and ensure adherence to audit timelines
Prepare audit plans, checklists, and audit reports detailing findings, non-conformities, and recommendations.

Key Responsibilities, Deliverables / Outcomes
Plan and deliver on technology (IT/IS) audits with full involvement in planning, fieldwork & reporting.
Support IT/IS assurance & advisory reviews to address key enterprise technology risks including assessing the adequacy, design and operating effectiveness of technology and internal controls.
Perform Information Security related assessments to cover domains like User Access management, Network, OS & Application Security, Encryption, Backup Management, Disaster Recovery, Training & Awareness, etc.

Key Skills
Graduate in Science/Engineering
ISO 27001:2022 Lead Auditor/Implementor
CISA/CISM/CISSP preferred

Key Competencies
Minimum 2 to 3 years of experience in information/cyber security domain
Strong background in network security and information & cloud security.
Good Knowledge of ISO 27001 standard and documentation
Good knowledge of cyber security frameworks such as RBI CSF, NIST CSF, etc.
Good presentation skills
Sound knowledge of IT Security and Infrastructure audits.
Must possess basic knowledge of networking, different flavors of operating system, endpoint devices and security devices.
Should be a self-learner and must keep him/herself updated with latest threats and vulnerabilities researched/discovered.
knowledge of business continuity framework and standards.
Basic knowledge of different compliance standards such as PCI DSS, HIPAA, etc. in addition to ISO 27001
Good written and Verbal communication skill.