GRC Analyst [Immediate Start]

Role : Governance, Risk and Compliance Anayst

Location : Aundh, Pune, Maharashtra

About the company

Credit cards haven't changed much for over half a century so our team of seasoned bankers, technologists, and designers set out to redefine the credit card for you - the consumer. The result is OneCard - a credit card reimagined for the mobile generation. OneCard is India's best metal credit card built with full-stack tech. It is backed by the principles of simplicity, transparency, and giving back control to the user.

Key Responsibilities :

1. Policy and Procedure Management : Assist in the regular review, development, and updating of information security policies, procedures, and standards to ensure they remain current with industry best practices and regulatory requirements.

2. Compliance Monitoring : Support continuous compliance monitoring activities across different frameworks. This includes tracking and reporting on Key Performance Indicators (KPIs) to measure the effectiveness of security controls.

3. Vulnerability Management : Collaborate with technical teams to track the remediation and closure of identified vulnerabilities, ensuring that they are addressed within agreed-upon timelines.

4. Vendor Risk Management : Participate in the third-party risk management program by conducting security due diligence and risk assessments of new and existing vendors to ensure they meet our security standards.

5. Reporting : Assist in preparing reports and dashboards for management on the status of GRC initiatives, risk posture, and compliance levels.

6. Audit Support : Provide support during internal and external audits by helping to gather evidence and documentation.

Experience :

0-2 years of relevant experience in a GRC, information security, or IT audit role with strong foundational knowledge of information security principles and practices.

Skills and Qualifications :

1. A Bachelor’s degree in Information Technology, Cyber Security, Computer Science, or a related field is required.

2. Framework Proficiency : Must have a strong understanding of security and compliance frameworks such as ISO 27001, SOC 2, and PCI DSS.

3. Analytical & Problem-Solving Skills : Excellent analytical skills with a keen eye for detail and a creative approach to problem-solving.

4. Ownership and Initiative : A proactive and self-motivated individual with a strong sense of ownership and responsibility. Capable of working independently on assigned tasks and making well-reasoned decisions.

5. Communication : Strong written and verbal communication skills, with the ability to collaborate effectively with cross-functional teams.

6. Certifications : Any additional cybersecurity or GRC-related certifications (e.g., CompTIA Security+, ISO 27001 LA / LI) are an advantage but not mandatory.

7. Nice to have - Regulatory Knowledge : Familiarity with RBI regulations and guidelines for Fintech companies in India is highly desirable.