Talent.com
This job offer is not available in your country.
Information Security Specialist - GRC

Information Security Specialist - GRC

CTEINDIA
30+ days ago
Job description

We are seeking GRC Certified Engineer in the IT services Energy domain to ensures compliance with governance, risk, and cybersecurity regulations specific to the energy sector, including NERC CIP, ISO 27001, NIST, SOC 2, and GDPR. You will be responsible for risk assessments, security audits, and policy enforcement to protect critical infrastructure, operational technology (OT), and IT systems. You are expected to be skilled in Anaplan GRC tools, ServiceNow GRC, and Archer. They help energy companies mitigate cyber threats, manage third-party risks, and ensure regulatory adherence while maintaining business continuity.

Skills Required

  • Governance : Develop and enforce security policies, procedures, and frameworks to align with business objectives and regulatory requirements.
  • Risk Management : Identify, assess, and mitigate cybersecurity risks related to IT infrastructure, applications, and data.
  • Compliance Management : Ensure adherence to industry standards such as ISO 27001, NIST, GDPR, SOC 2, HIPAA, PCI-DSS by conducting audits and implementing security controls.
  • Security Audits & Assessments : Perform internal security audits, gap analyses, and compliance assessments to identify vulnerabilities.
  • Incident Response & Reporting : Work with security teams to manage security incidents, analyze root causes, and implement corrective actions.
  • Third-Party Risk Management : Evaluate vendors and partners for compliance with security policies and contractual obligations.
  • Automation & GRC Tools : Utilize tools like Archer, ServiceNow GRC, OneTrust, MetricStream to track risks, controls, and compliance metrics.
  • Security Awareness & Training : Conduct security awareness programs for employees to reinforce compliance best practices.

Qualifications

  • 5 years of experience in cybersecurity, with at least 2 years focused on cybersecurity governance, risk, and compliance.
  • Proven success in promoting and collaborating on risk and compliance policies across IT and business units.
  • Excellent written and verbal communication skills, with the ability to effectively communicate risks to executive leadership and key stakeholders.
  • Strong understanding of cybersecurity frameworks (e.g., SOC2, ISO 27001) and experience leading their implementation while demonstrating their value.
  • Expertise in cybersecurity risk management and control principles, with a proven ability to identify risks and take appropriate mitigating actions.
  • Strong organizational and project management skills, with the ability to manage multiple tasks, align stakeholder expectations, and deliver results with professionalism, motivation, and integrity.
  • Familiarity with industry standards and regulations, including NIST, SOX, PCI, ISO, GDPR, and others.
  • Bachelors or Masters degree in a relevant field, or equivalent combination of education and experience.

    • Roles & Responsibilities

    This role will report directly to the Chief Information Security Officer (CISO) and will focus on strengthening the organizations security posture while promoting a transparent, risk-aware culture.

  • Collaborate with the CISO to develop a service-oriented operating model that supports all GRC services, including data privacy compliance.
  • Implement and manage key GRC capabilities, such as policy and exception management, third-party risk management, security reviews and audits, enterprise risk management, compliance management, and international data privacy compliance.
  • Maintain the cybersecurity risk register and track associated risks.
  • Establish security metrics and reporting across all GRC services.
  • Perform risk assessments as required.
  • Monitor the security risk profiles of suppliers and identify high-risk suppliers requiring additional review.
  • Respond to customer security / compliance questionnaires.
  • Demonstrate adherence to HIPAA, GDPR, PCI, and other relevant global regulations.
  • Oversee the configuration and management of the GRC tool.
  • Collaborate with other GRC functions within the organization as required to ensure that the business maintains a trustworthy culture with its clients.
  • Stay up-to-date on evolving legislation, regulations, and industry dynamics, assessing their impact on business programs, policies, and training needs.

    • Experience

    4-10 years

    Location

    Hyderabad / Work From Office

    Create a job alert for this search

    Information Security Specialist • INDIA

    Related jobs
    • Promoted
    Information Security Consultant - GRC

    Information Security Consultant - GRC

    Jobman by Shunya TattvaMumbai
    Job Description : We are hiring a skilled and motivated Information Security Consultant to join our gr...Show moreLast updated: 3 days ago
    • Promoted
    Information Security Engineer - GRC / BPC

    Information Security Engineer - GRC / BPC

    Wave HR and Advisory Pvt LtdMumbai
    Position : Information Security Experience : 12+ years Reporting to : Chief Information Security Officer - CIS...Show moreLast updated: 30+ days ago
    Information Security GRC Consultant

    Information Security GRC Consultant

    Bottomline TechnologiesINDIA
    Are you ready to transform the way businesses pay and get paid? Bottomline is a global leader in business payments and cash management, with over 30 years of experience and moving more than $10 tri...Show moreLast updated: 30+ days ago
    • Promoted
    Information Technology Security Specialist

    Information Technology Security Specialist

    ThoughtFocusIndia
    We are looking for information security engineer having 3-5 yrs exp.Should have strong experience in Terraforms, Devsecops, CSPM solutions. Perform security assessments and vulnerability scanning.Cr...Show moreLast updated: 24 days ago
    • Promoted
    Information Security Audit Specialist

    Information Security Audit Specialist

    KPMG IndiaIndia
    OVERVIEW KPMG in India, a professional services firm, is the Indian member firm affiliated with KPMG International and was established in September 1993. Our professionals leverage the global networ...Show moreLast updated: 5 days ago
    Security GRC Engineer

    Security GRC Engineer

    Employment HeroAU
    Remote
    Quick Apply
    Employment Hero is on a mission to make employment easier and more valuable for everyone.Our Employment Operating System brings hiring, HR, payroll and benefits into an all-in-one solution.Since ou...Show moreLast updated: 19 days ago
    Information Security Specialist - GRC

    Information Security Specialist - GRC

    Cambridge TechnologyHyderabad, Telangana, India
    We are seeking GRC Certified Engineer in the IT services – Energy domain to ensures compliance with governance, risk, and cybersecurity regulations specific to the energy sector, including NERC CIP...Show moreLast updated: 30+ days ago
    Specialist - Information Security

    Specialist - Information Security

    ScaleneWorksBengaluru, Karnataka, India
    Quick Apply
    Would prefer candidates coming in from DEV Security operations(Dev SecOps) , Product security experience required, SAST and DAST, Secure SDLC, Threat Modeling, OWASP 10, Secure code review, Applica...Show moreLast updated: 30+ days ago
    • Promoted
    • New!
    SAP GRC Security

    SAP GRC Security

    People Prime WorldwideBengaluru, Karnataka, India
    About Company : They balance innovation with an open, friendly culture and the backing of a long-established parent company, known for its ethical reputation. We guide customers from what’s now to wh...Show moreLast updated: 6 hours ago
    • Promoted
    • New!
    Information Technology Security Specialist

    Information Technology Security Specialist

    Euronet in AsiaIndia
    Euronet Worldwide is a NASDAQ listed transactions and payments processing major with strong presence in North America, Europe, Middle East, India and the Asia-Pacific regions.Today we are one of th...Show moreLast updated: 6 hours ago
    • Promoted
    SAP GRC Security

    SAP GRC Security

    Tata Consultancy ServicesHyderabad, Telangana, India
    TCS Deccan Park, Cafeteria Plot No.Hitech City Main Rd, Software Units Layout, HUDA Techno Enclave, Madhapur, Hyderabad, 500081. Education : Minimum 15 years of full-time education (10th, 12th and Gr...Show moreLast updated: 24 days ago
    • Promoted
    Senior Manager - Information Security (GRC)

    Senior Manager - Information Security (GRC)

    NaviIndia
    About the Team At Navi, the InfoSec team safeguards our digital ecosystem - ensuring the confidentiality, integrity, and availability of critical systems and data. We lead the charge on cyber risk m...Show moreLast updated: 9 days ago
    • Promoted
    CoinDCX - Lead Information Security Engineer - GRC

    CoinDCX - Lead Information Security Engineer - GRC

    CDCX TECHNOLOGIES PRIVATE LIMITEDBangalore
    The CoinDCX Journey : Tomorrow, today : At CoinDCX, we believe CHANGE STARTS TOGETHER.You are the driving force that will help us make We...Show moreLast updated: 7 days ago
    • Promoted
    Cyber Security Specialist - GRC Tools

    Cyber Security Specialist - GRC Tools

    workingbees Global Pvt.LtdHyderabad
    Job Title : Cyber Security Specialist GRC (ERM) FAIR (Factor Analysis of Information Risk) is Mandatory ...Show moreLast updated: 15 days ago
    • Promoted
    Morae - Information Security GRC Consultant

    Morae - Information Security GRC Consultant

    MORAE SERVICES INDIA PRIVATE LIMITEDBangalore
    Job Title : Information Security Governance Risk & Compliance.Job Location : Bangalore.Morae Global seeks to find the best and the brightest people those who understand wha...Show moreLast updated: 30+ days ago
    • Promoted
    • New!
    Information Security Specialist

    Information Security Specialist

    Airtel Payments BankIndia
    Job Description : Primary Responsibility would be to manage the organizational practices for the following : Vulnerability Assessment Infrastructure(Cloud / Traditional DC) Penetration Testing Configur...Show moreLast updated: 6 hours ago
    • New!
    Information Security Specialist

    Information Security Specialist

    BP EnergyPune, MH, India
    Technology .IT&S Group .In this Information Security role, you will be embedded within the technology team supporting bp’s Mobility and Convenien...Show moreLast updated: 2 hours ago
    Information Security Specialist - GRC Hyderabad, Telangana | Full Time

    Information Security Specialist - GRC Hyderabad, Telangana | Full Time

    CAMBRIDGE TECHNOLOGY INDIA PVT LTDINDIA
    We are seeking a GRC Certified Engineer in the IT services Energy domain to ensure compliance with governance, risk, and cybersecurity regulations specific to the energy sector, including NERC CIP...Show moreLast updated: 30+ days ago