Talent.com
This job offer is not available in your country.
Senior GRC Analyst - Information / Cyber Security

Senior GRC Analyst - Information / Cyber Security

EthosBangalore
22 days ago
Job description

About Ethos :

Ethos was built to make it faster and easier to get life insurance for the next million families.

Our approach blends industry expertise, technology, and the human touch to find you the right policy to protect your loved ones.

We leverage deep technology and data science to streamline the life insurance process, making it more accessible and convenient.

Using predictive analytics, we are able to transform a traditionally multi-week process into a modern digital experience for our users that can take just minutes! Weve issued billions in coverage each month and eliminated the traditional barriers, ushering the industry into the modern age.

Our full-stack technology platform is the backbone of family financial health.

We make getting life insurance easier, faster and better for everyone.

Our investors include General Catalyst, Sequoia Capital, Accel Partners, Google Ventures, SoftBank, and the investment vehicles of Jay-Z, Kevin Durant, Robert Downey Jr and others.

This year, we were named on CB Insights' Global Insurtech 50 list and BuiltIn's Top 100 Midsize Companies in San Francisco.

We are scaling quickly and looking for passionate people to protect the next million families!.

About The Role :

The GRC Analyst is responsible for supporting the organization's information security governance, risk, and compliance activities.

This role involves ensuring that the organizations security policies, procedures, and practices are aligned with regulatory requirements, industry standards, and best practices.

The ideal candidate will have a strong understanding of information Security & Privacy principles, Third Party Vendor Risk management, ITGC & SOC2 audit controls, and the ability to communicate complex security issues to various stakeholders.

Duties And Responsibilities :

Governance : .

  • Develop, implement, and maintain information security policies and procedures.
  • Ensure alignment of security governance frameworks with business objectives and regulatory requirements.
  • Assist in the creation and maintenance of the information security governance structure.

Risk Management : .

  • Conduct information security risk assessments and evaluate the effectiveness of existing controls.
  • Identify, assess, and document risks related to information security & privacy across the organization.
  • Conduct regular risk assessments for existing and potential vendors.
  • Monitor and report on the organizations information security risk posture.

    • Compliance : .

  • Ensure compliance with relevant information security regulations, standards, and frameworks (e.g, ISO 27001, SOC2, ITGC, NIST, PCI-DSS, CCPA, NYDFS, HIPAA).
  • Conduct regular security compliance assessments and audits.
  • Track and report on compliance gaps and work with relevant teams to address deficiencies.
  • Stay current on emerging security regulations and industry best practices.
  • Develop and deliver information security awareness and training programs to staff at all levels.

    • Reporting and Documentation :

  • Maintain comprehensive and accurate documentation related to information security governance, risk, and compliance.
  • Prepare and present reports on the organizations information security activities, risk assessments, and compliance status to senior management.
  • Ensure all documentation is up-to-date and in compliance with regulatory and organizational requirements.

    • Qualifications And Skills :

  • Bachelors degree in Information Security, Computer Science, Cybersecurity, or a related field.
  • 3+ years of experience in information security, risk management and compliance.
  • Strong knowledge of information security frameworks, standards, and regulations (e.g, ISO 27001, NIST, CCPA, PCI-DSS, NYDFS, HIPAA).
  • Experience with security & privacy risk assessment and management methodologies.
  • Extensive experience in Third Party / Vendor Risk Management (TPRM) with hands-on expertise in managing VRM tools (e.g,OneTrust, ProcessUnity, Vanta).
  • Experience in supporting security audits (SOC2, Customer & Partners Audits) At least 2 complete audit cycles of SOC2.
  • Excellent communication skills, with the ability to convey complex security concepts to non-technical stakeholders.
  • Relevant certifications such as ISO 27001 LA LI, CISA, CRISC are highly desirable.

    • Dont meet every single requirement? If youre excited about this role but your past experience doesnt align perfectly with every qualification in the job description, we encourage you to apply anyway.

    At Ethos we are dedicated to building a diverse, inclusive and authentic workplace.

    We are an equal opportunity employer who values diversity and inclusion and look for applicants who understand, embrace and thrive in a multicultural world.

    We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.

    Pursuant to the SF Fair Chance Ordinance, we will consider employment for qualified applicants with arrests and conviction records.

    To learn more about what information we collect and how it may be used, please refer to our California Candidate Privacy Notice.

    (ref : hirist.tech)

    Create a job alert for this search

    Senior Security Analyst • Bangalore

    Related jobs
    • Promoted
    ColorTokens - L3 Senior Security Analyst

    ColorTokens - L3 Senior Security Analyst

    ColortokensBangalore
    Job Title : Senior Security Analyst L3 Location : Bangalore (on site) Experience Level : 5 to 8 years<...Show moreLast updated: 30+ days ago
    • Promoted
    Senior Analyst GRC

    Senior Analyst GRC

    ConfidentialBengaluru / Bangalore, India
    As a Senior Security Engineer – II GRC in Governance, Risk, and Compliance (GRC) - Risk Management, you will be instrumental in the design, implementation, and enhancement of risk management and co...Show moreLast updated: 8 days ago
    • Promoted
    GRC Analyst

    GRC Analyst

    ConfidentialBengaluru / Bangalore
    Act as the first line of analysis (L1) to validate that a proposed cybersecurity risk meets criteria for tracking, treatment, and monitoring. Identify and appropriately elevate proposed cybersecurit...Show moreLast updated: 30+ days ago
    • Promoted
    Vendor Risk Management and GRC

    Vendor Risk Management and GRC

    ConfidentialBengaluru / Bangalore
    Support the preparation, coordination, and documentation of compliance audits (e.ISO 27001, SOC 2, ISO 27701, etc.Manage periodic updates of Information security policies in terms of annual updates...Show moreLast updated: 6 days ago
    • Promoted
    Senior Analyst GRC

    Senior Analyst GRC

    Tyson Foods IndiaBengaluru, Karnataka, India
    As a Senior Security Engineer – II GRC in Governance, Risk, and Compliance (GRC) - Risk Management, you will be instrumental in the design, implementation, and enhancement of risk management and co...Show moreLast updated: 25 days ago
    • Promoted
    Lead Information Security Engineer -GRC

    Lead Information Security Engineer -GRC

    InMobi AdvertisingBengaluru, Karnataka, India
    InMobi is the leading provider of content, monetization, and marketing technologies that fuel growth for industries around the world. Our end-to-end advertising software platform, connected content,...Show moreLast updated: 30+ days ago
    • Promoted
    Senior Consultant - GRC

    Senior Consultant - GRC

    Crossbow CybersecurityBengaluru, Karnataka, India
    We’re excited to announce that.ISO 27001 implementation and audit projects.NIST cybersecurity frameworks (e.Provide strategic guidance on . Information Security Management System (ISMS).Collaborate ...Show moreLast updated: 13 days ago
    • Promoted
    Security GRC 2LoD

    Security GRC 2LoD

    Soffit Infrastructure Services (P) LtdBengaluru, Karnataka, India
    Governance, Risk, and Compliance) 2nd Line of Defense (.The role involves monitoring risk remediation efforts, providing expert guidance, and supporting the first line of defense (1LoD) in achievin...Show moreLast updated: 24 days ago
    • Promoted
    Cyderes - Senior Security Analyst - SIEM

    Cyderes - Senior Security Analyst - SIEM

    CyderesBangalore
    Cyderes (Cyber Defense and Response) is a pure-play, full life-cycle cybersecurity services provider with award-winning managed security services, identity and access management, and professional s...Show moreLast updated: 30+ days ago
    • Promoted
    Senior Security Analyst - L3

    Senior Security Analyst - L3

    ConfidentialBengaluru / Bangalore, India
    Job Title : Senior Security Analyst - L3.Experience Level : 5 to 8 years.At ColorTokens, we empower businesses to stay operational and resilient in an increasingly complex cybersecurity landscape.Bre...Show moreLast updated: 8 days ago
    • Promoted
    Greenway Health - GRC Security Analyst

    Greenway Health - GRC Security Analyst

    GREENWAY HEALTH INDIA PRIVATE LIMITEDBangalore
    The GRC Security Analyst will plan and implement policies, procedures, standards, and controls to govern the protection of corporate information systems, networks, and data.The GRC securi...Show moreLast updated: 30+ days ago
    • Promoted
    GRC - Snr Analyst

    GRC - Snr Analyst

    ConfidentialBengaluru / Bangalore
    In these roles, you are part analyst, engineer, and advisor.You have the ability to ramp up quickly into a solid, productive member of the Security GRC team. You are organized and have the ability t...Show moreLast updated: 30+ days ago
    • Promoted
    Senior Product Cybersecurity Supplier GRC Analyst

    Senior Product Cybersecurity Supplier GRC Analyst

    ConfidentialBengaluru / Bangalore, India
    We're looking for people who put their innovation to work to advance our success - and their own.What YOU WILL EXPERIENCE IN THIS POSITION : . Manage nVent's product cybersecurity third-party supplier...Show moreLast updated: 8 days ago
    • Promoted
    Security Technology Lifecycle Analyst

    Security Technology Lifecycle Analyst

    HR PLACEMENT CONSULTANTS (HRPC)Bangalore Rural, Karnataka, India
    Position - Analyst - Security Technology Lifecycle Analyst.Job Type - Full-time (Third party payroll •).The Security Technology Lifecycle Analyst plays a critical role in supporting the Corporate Se...Show moreLast updated: 19 days ago
    • Promoted
    Senior Security Analyst

    Senior Security Analyst

    Softcell Technologies Global Pvt. Ltd.Bengaluru, Karnataka, India
    Job Title : Senior Security Analyst.Location - Hyderabad & Bangalore.Softcell Global Technologies Pvt.Senior Security Analyst with strong offensive security capabilities across the Web, Network, Mob...Show moreLast updated: 30+ days ago
    • Promoted
    Analyst - GRC (Governance, Risk & Compliance) : 126

    Analyst - GRC (Governance, Risk & Compliance) : 126

    ConfidentialBengaluru / Bangalore, India
    This role has been established to support the business in building sustainable governance andcompliance practices at Amagi. The basic factor required to be successful in this role warrants a good un...Show moreLast updated: 8 days ago
    • Promoted
    Senior Threat Analyst - Cyber Security

    Senior Threat Analyst - Cyber Security

    OptivBangalore
    Job Description : The Sr.Threat Analyst will provide deep-level analysis for client investigations utilizing customer-provided data sources...Show moreLast updated: 3 days ago
    • Promoted
    Senior Product Cybersecurity Supplier - GRC Analyst

    Senior Product Cybersecurity Supplier - GRC Analyst

    ConfidentialBengaluru / Bangalore, India
    Senior Product Cybersecurity Supplier - GRC Analyst.Global Electrical Product Company.Bachelor's degree or equivalent experience in a related field. Ideally 4-10 years of experience with.Governance,...Show moreLast updated: 8 days ago