Talent.com
Governance, Risk, and Compliance Analyst

Governance, Risk, and Compliance Analyst

ConfidentialIndia, Cochin / Kochi / Ernakulam
8 days ago
Job description

Position Summary

As a GRC Analyst, you will play a pivotal role in supporting and enabling Governance, Risk, and Compliance (GRC) operations across our cybersecurity services. Your primary focus will be to enhance risk management processes, strengthen compliance frameworks, and support strategic initiatives that drive the organization's security posture and business resilience. You will act as a key collaborator between technical teams, business units, and executive leadership, translating compliance requirements into actionable plans.

Key Responsibilities

Governance Enablement & Strategy

  • Support the design, implementation, and continuous improvement of the organization's GRC

enablement strategy, covering tooling, workflows, reporting, and process optimization.

  • Assist in developing frameworks and controls that align with industry standards (e.g., ISO 27001,

    • NIST, GDPR, PCI-DSS).

  • Help manage the governance structure, including policy lifecycle management, compliance

    • awareness programs, and control implementation.

    Risk Management & Compliance Operations

  • Conduct risk assessments, control effectiveness reviews, and gap analyses in coordination with

    • technical and business stakeholders.

  • Assist in managing compliance assessment requests, ensuring effective intake, tracking, and

    • prioritization of projects.

  • Provide hands-on support for coordinating internal and external audit activities and regulatory

    • compliance reviews.

  • Maintain comprehensive compliance dashboards, reports, and metrics to track risk status, control

    • effectiveness, and compliance posture.

    Tooling & Process Improvement

  • Assist in the selection, deployment, and management of GRC tools and technologies (e.g., Archer,

    • ServiceNow GRC, MetricStream) to streamline risk and compliance operations.

  • Collaborate with IT and security teams to integrate automated controls and reporting into existing

    • workflows and systems.

  • Identify opportunities for process automation, efficiency gains, and proactive risk identification.

    • Collaboration & Communication

  • Partner with IT, Security, Legal, and Business Units to ensure compliance activities align with

    • business objectives.

  • Translate complex compliance and risk findings into clear, actionable insights for technical and non

    • technical stakeholders.

  • Assist in delivering training and awareness programs related to governance and compliance

    • policies.

    Required Qualifications

  • 3+ years of experience in GRC, Information Security, IT Risk, or Compliance functions.
  • Strong understanding of industry-standard frameworks and regulations (NIST, ISO 27001, GDPR, PCI-DSS, SOC2).
  • Experience working with GRC platforms and tools such as RSA Archer, ServiceNow GRC,

    • MetricStream, or similar.

  • Hands-on experience in risk assessments, compliance audits, and policy implementation.
  • Familiarity with cloud environments (AWS, Azure, GCP) and their associated compliance challenges.
  • Strong analytical skills and a data-driven mindset for decision making.
  • Excellent written and verbal communication skills, with the ability to articulate technical concepts

    • to business audiences.

    Preferred Qualifications

  • Certifications such as CISA, CISM, CISSP, CRISC, or PMP.
  • Experience in automating compliance processes within DevSecOps pipelines.
  • Solid understanding of IT and security control frameworks (CIS Controls, MITRE ATT&CK).
  • Exposure to compliance monitoring of cloud-native environments.
  • Experience in regulatory environments (e.g., finance, healthcare, government).

    • Professional Attributes We Value

  • Strong problem-solving skills and attention to detail
  • Ability to operate independently in a fast-paced environment
  • Strategic thinker with a continuous improvement mindset
  • Collaborative approach, building trust with cross-functional teams
  • Passion for keeping up-to-date with emerging cybersecurity and compliance trends.

    • As a GRC Analyst in our cybersecurity services team, you will have the opportunity to influence riskbased decisions, improve compliance maturity, and protect our clients' critical assets from regulatory and security risks. If you are driven by governance excellence and have a solid technical understanding of cybersecurity controls, we encourage you to apply.

    Skills : grc,it risk management,aws

    Skills Required

    Gdpr, IT Risk, Compliance, Information Security, SOC2, Rsa Archer, Iso 27001, Gcp, Grc, nist, Azure, Aws

    Create a job alert for this search

    Risk And Compliance Analyst • India, Cochin / Kochi / Ernakulam