Talent.com
Senior Security Engineer - GRC

Senior Security Engineer - GRC

GrowwBengaluru, Karnataka, India
30+ days ago
Job description

About Groww

We are a passionate group of people focused on making financial services accessible to every Indian through a multi-product platform. Each day, we help millions of customers take charge of their financial journey.

Customer obsession is in our DNA. Every product, every design, every algorithm down to the tiniest detail is executed keeping the customers’ needs and convenience in mind.

Our people are our greatest strength. Everyone at Groww is driven by ownership, customer-centricity, integrity and the passion to constantly challenge the status quo.

Are you as passionate about defying conventions and creating something extraordinary as we are? Let’s chat.

Our Vision

Every individual deserves the knowledge, tools, and confidence to make informed financial decisions. At Groww, we are making sure every Indian feels empowered to do so through a cutting-edge multi-product platform offering a variety of financial services.

Our long-term vision is to become the trusted financial partner for millions of Indians.

Our Values

Our culture enables us to be what we are — India’s fastest-growing financial services company. It fosters an environment where collaboration, transparency, and open communication take center-stage and hierarchies fade away. There is space for every individual to be themselves and feel motivated to bring their best to the table, as well as craft a promising career for themselves.

The values that form our foundation are :

  • Radical customer centricity
  • Ownership-driven culture
  • Keeping everything simple
  • Long-term thinking
  • Complete transparency

EXPERTISE AND QUALIFICATIONS

What you’ll do :

  • Policy Development and Enforcement : Develop, implement, and maintain policies, procedures, standards, and associated plans based on industry best practices such as ISO 27001, NIST, ITGC, PCI-DSS, etc. Ensure rigorous enforcement of these policies.
  • Risk Assessment and Management : Conduct technology-based gap risk assessments, third-party risk assessments, and M&A security governance. Manage exceptions against Groww standards to maintain risk at an acceptable level.
  • Compliance Checks : Perform compliance checks for user access management on network, servers, and applications. Additionally, ensure compliance with security and hardening standards for network, servers, applications, and workstations.
  • Compliance Reporting : Prepare compliance reports and remediation plans based on periodic reviews of application, workstation, server, and network device configurations.
  • Data Loss Prevention (DLP) and CASB : Monitor and maintain compliance of Data Loss Prevention (DLP) and Cloud Access Security Broker (CASB) for all applications, infrastructure, and systems supporting Groww operations to prevent data leakage.
  • SDLC Risk Assessment : Conduct risk assessments on applications during the Software Development Life Cycle (SDLC) and perform compliance checks related to access control and data sanitization.
  • Risk Register Management : Identify, document, and maintain an information security risk register. Regularly report to the security lead and other stakeholders.
  • Third-Party Risk Management : Provide monitoring, independent oversight, and facilitate the execution and continuous improvement of third-party risk management and M&A programs and processes.
  • Security Control Automation : Influence security control automation efforts to enhance security and compliance at scale.
  • Audit Representation : Represent Groww's security posture in both internal and external audits.
  • Security Awareness : Drive security awareness initiatives and conduct regular training on Groww’s security policies and standard requirements through training sessions, communication, and workshops.

    • What we're looking for :

  • A bachelor’s degree in information technology or a related field provides a strong foundation.
  • A minimum of 3-5 years of professional experience in information security practices, with at least 2 years specializing in Governance, Risk, and Compliance (GRC) domains.
  • Previous experience in managing SEBI, RBI, and IRDAI compliance and audits is highly valuable.
  • Proficiency in security policy management and a deep understanding of security standards and frameworks, including CSA CCM, ISO 27001 : 2013, NIST CSF, PCI-DSS, SOX, and SOC2.
  • Solid grasp of operational and organizational structures, including experience in global, matrix organizations, and third-party risk management.
  • Strong knowledge of core security principles such as least privilege access, defense in depth, preventative vs. detective controls, network security, cloud security, application security, endpoint security, data protection, and incident response.
  • Familiarity with agile methodologies and experience in DevOps or DevSecOps practices, along with an understanding of how they impact risk management and compliance.
  • Possession of information security certifications, such as CISSP, CISM, CRISC, CEH, or ISO 27001, demonstrates expertise and will be an added benefit.
  • Experience in reviewing High-Level Design (HLD) and Low-Level Design (LLD) and driving cross-functional programs is a plus.
    • Create a job alert for this search

    Senior Security Engineer • Bengaluru, Karnataka, India

    Related jobs
    • Promoted
    Eightfold AI - Senior Security Engineer

    Eightfold AI - Senior Security Engineer

    EIGHTFOLD AI INDIA PRIVATE LIMITEDBangalore
    Description was founded with a vision to solve for employment in our society.For decades, the connection between individuals and opportunities has been based on who the individuals are and the str...Show moreLast updated: 5 days ago
    • Promoted
    Senior Lead Product Security Engineer

    Senior Lead Product Security Engineer

    ConfidentialBengaluru / Bangalore
    As a Senior Lead Product Security Engineer, you will be responsible for : .Building and executing engineering processes for early detection of design flaws, vulnerabilities, weaknesses, missing secur...Show moreLast updated: 30+ days ago
    • Promoted
    Senior Product Security Engineer

    Senior Product Security Engineer

    ConfidentialBengaluru / Bangalore
    At Toast, we are committed to creating innovative solutions that enhance security and leverage the power of artificial intelligence to drive restaurant business growth and help them thrive.We are s...Show moreLast updated: 30+ days ago
    • Promoted
    Senior Engineer - Cyber Defence

    Senior Engineer - Cyber Defence

    ConfidentialBengaluru / Bangalore
    Monitor and detect early signals of compromise and automate security response strategies.Administer and optimize SIEM tools with custom correlation rules for threat detection.Lead advanced threat a...Show moreLast updated: 30+ days ago
    • Promoted
    Senior Application Security Engineer

    Senior Application Security Engineer

    AtomicworkBengaluru, Karnataka, India
    Atomicwork is reimagining IT and workplace operations by putting employees at the center of the experience.With a strong emphasis on automation, integration, and security, Atomicwork helps organiza...Show moreLast updated: 24 days ago
    • Promoted
    Senior Product Cyber Security Engineer - GRC

    Senior Product Cyber Security Engineer - GRC

    People KonnectBangalore
    Role : Senior Product Cybersecurity Supplier - GRC Analyst (Embedded / OT only) Client : Global Electrical Product Comp...Show moreLast updated: 30+ days ago
    Senior Product Security Offensive Engineer

    Senior Product Security Offensive Engineer

    iManageBengaluru, Karnataka, IN
    Quick Apply
    We offer a flexible working policy that supports the health and well-being of our iManage employees.As an organization, we value collaborating and learning from our peers in person, while providing...Show moreLast updated: 5 days ago
    • Promoted
    Senior Application Security Engineer

    Senior Application Security Engineer

    ConfidentialBengaluru / Bangalore
    EagleView, the leader in aerial imagery, is hiring a Senior Application Security Engineer to help validate that our services, applications, and websites are designed and implemented to the highest ...Show moreLast updated: 28 days ago
    • Promoted
    Security Engineer

    Security Engineer

    InfogainBengaluru, Karnataka, India
    Title : Security Engineer (6+ Years).Use CrowdStrike reports to evaluate all security vulnerabilities on both Windows and Linux systems. Analyze the requirements to remediate the security vulnerabili...Show moreLast updated: 6 days ago
    • Promoted
    Senior Security Engineer

    Senior Security Engineer

    ConfidentialBengaluru / Bangalore
    Skilled Senior Security Engineer with expertise in LISA Assessment, application security, B2B / B2C commerce platforms, and vulnerability management. Known for strong analytical thinking, problem-solv...Show moreLast updated: 30+ days ago
    • Promoted
    Contractor Security Engineer Level 3 – GRC Tech Solutions

    Contractor Security Engineer Level 3 – GRC Tech Solutions

    MindlanceBangalore, IN
    Remote Role | Contractor Security Engineer Level 3 – GRC Tech Solutions.This position focuses on enabling process clarity, automation, and efficiency while creating insights that empower our busine...Show moreLast updated: 6 days ago
    • Promoted
    Lead Security Engineer

    Lead Security Engineer

    ArcanaBangalore, IN
    As our Lead Security Engineer, you'll own and elevate Arcana's overall security posture - cloud, on-prem, and everything in between. You'll design and enforce policies, automate controls, and harden...Show moreLast updated: 30+ days ago
    • Promoted
    Senior Security Engineer - Threat Detection and SIEM

    Senior Security Engineer - Threat Detection and SIEM

    ConfidentialBengaluru / Bangalore
    Develop clear documentation for processes, metrics, and outcomes, ensuring adherence to SLAs and compliance requirements. Foster continuous improvement in threat detection and SIEM management.Provid...Show moreLast updated: 30+ days ago
    • Promoted
    Senior Security Engineer

    Senior Security Engineer

    Sennovate Inc.Bengaluru, India
    Sennovate is an Information Security managed Security Service provider (MSSP) that specializes in Identity and Access Management (IAM) and Security Operations Center (SOC) powered by AI.For more in...Show moreLast updated: 11 days ago
    • Promoted
    • New!
    Senior Product Security Engineer

    Senior Product Security Engineer

    ConnectwiseBangalore
    Description : ConnectWise is an industry and Global leading software company with over 3,000 colleagues in North America, EMEA and APAC.As a community-driven ...Show moreLast updated: 16 hours ago
    • Promoted
    Senior Engineer II- Security [T500-21025]

    Senior Engineer II- Security [T500-21025]

    lululemonBengaluru, Karnataka, India
    Setting the bar in technical fabrics and functional design, we create transformational products and experiences that support people in moving, growing, connecting, and being well.We owe our success...Show moreLast updated: 3 days ago
    • Promoted
    Senior Security Engineer

    Senior Security Engineer

    CBTSvijayapura, India
    Senior level roles as IT Security Architect, IT Security Engineer, IT Security Auditor, Cyber-Security Analyst, Cyber-Intelligence Analyst. Certifications, Accreditations, Licenses.One or more of th...Show moreLast updated: 4 days ago
    • Promoted
    Senior Cyber Security Engineer

    Senior Cyber Security Engineer

    ConfidentialBengaluru / Bangalore
    The Senior Cyber Security Engineer is responsible for designing, coding / configuring, and administering Cyber Security systems. This person is expected to champion processes and technology as a subje...Show moreLast updated: 30+ days ago