Talent.com
Security Engineer - GRC

Security Engineer - GRC

GrowwKarnataka, India
1 day ago
Job description

About Groww

We are a passionate group of people focused on making financial services accessible to every Indian through a multi-product platform. Each day, we help millions of customers take charge of their financial journey.

Customer obsession is in our DNA. Every product, every design, every algorithm down to the tiniest detail is executed keeping the customers’ needs and convenience in mind.

Our people are our greatest strength. Everyone at Groww is driven by ownership, customer-centricity, integrity and the passion to constantly challenge the status quo.

Are you as passionate about defying conventions and creating something extraordinary as we are? Let’s chat.

Our Vision

Every individual deserves the knowledge, tools, and confidence to make informed financial decisions. At Groww, we are making sure every Indian feels empowered to do so through a cutting-edge multi-product platform offering a variety of financial services.

Our long-term vision is to become the trusted financial partner for millions of Indians.

Our Values

Our culture enables us to be what we are — India’s fastest-growing financial services company. It fosters an environment where collaboration, transparency, and open communication take center-stage and hierarchies fade away. There is space for every individual to be themselves and feel motivated to bring their best to the table, as well as craft a promising career for themselves.

The values that form our foundation are :

  • Radical customer centricity
  • Ownership-driven culture
  • Keeping everything simple
  • Long-term thinking
  • Complete transparency

EXPERTISE AND QUALIFICATIONS

What you’ll do :

  • Policy Development and Enforcement : Develop, implement, and maintain policies, procedures, standards, and associated plans based on industry best practices such as ISO 27001, NIST, ITGC, PCI-DSS, etc. Ensure rigorous enforcement of these policies.
  • Risk Assessment and Management : Conduct technology-based gap risk assessments, third-party risk assessments, and M&A security governance. Manage exceptions against Groww standards to maintain risk at an acceptable level.
  • Compliance Checks : Perform compliance checks for user access management on network, servers, and applications. Additionally, ensure compliance with security and hardening standards for network, servers, applications, and workstations.
  • Compliance Reporting : Prepare compliance reports and remediation plans based on periodic reviews of application, workstation, server, and network device configurations.
  • Data Loss Prevention (DLP) and CASB : Monitor and maintain compliance of Data Loss Prevention (DLP) and Cloud Access Security Broker (CASB) for all applications, infrastructure, and systems supporting Groww operations to prevent data leakage.
  • SDLC Risk Assessment : Conduct risk assessments on applications during the Software Development Life Cycle (SDLC) and perform compliance checks related to access control and data sanitization.
  • Risk Register Management : Identify, document, and maintain an information security risk register. Regularly report to the security lead and other stakeholders.
  • Third-Party Risk Management : Provide monitoring, independent oversight, and facilitate the execution and continuous improvement of third-party risk management and M&A programs and processes.
  • Security Control Automation : Influence security control automation efforts to enhance security and compliance at scale.
  • Audit Representation : Represent Groww's security posture in both internal and external audits.
  • Security Awareness : Drive security awareness initiatives and conduct regular training on Groww’s security policies and standard requirements through training sessions, communication, and workshops.

    • What we're looking for :

  • A bachelor’s degree in information technology or a related field provides a strong foundation.
  • A minimum of 1-3 years of professional experience in information security practices, with at least 1 year specializing in Governance, Risk, and Compliance (GRC) domains.
  • Previous experience in managing SEBI, RBI, and IRDAI compliance and audits is highly valuable.
  • Proficiency in security policy management and a deep understanding of security standards and frameworks, including CSA CCM, ISO 27001 : 2013, NIST CSF, PCI-DSS, SOX, and SOC2.
  • Solid grasp of operational and organizational structures, including experience in global, matrix organizations, and third-party risk management.
  • Strong knowledge of core security principles such as least privilege access, defense in depth, preventative vs. detective controls, network security, cloud security, application security, endpoint security, data protection, and incident response.
  • Familiarity with agile methodologies and experience in DevOps or DevSecOps practices, along with an understanding of how they impact risk management and compliance.
  • Possession of information security certifications, such as CISSP, CISM, CRISC, CEH, or ISO 27001, demonstrates expertise and will be an added benefit.
  • Experience in reviewing High-Level Design (HLD) and Low-Level Design (LLD) and driving cross-functional programs is a plus.
    • Create a job alert for this search

    Security Engineer • Karnataka, India

    Related jobs
    • Promoted
    Security Engineer

    Security Engineer

    ElucidataKarnataka, India
    Delhi / Bangalore (3 days in office).Elucidata is an AI Solutions Tech Data-centric AI company on a mission to make life sciences AI-ready. Headquartered in San Francisco with a 120+ member team acro...Show moreLast updated: 1 day ago
    • Promoted
    Security Infrastructure Engineer

    Security Infrastructure Engineer

    RingCentralKarnataka, India
    SecOps Infrastructure Engineer / Administrator.Administer and maintain security products (web application firewall, IDS, (h)IPS, EDR, phishing training, vulnerability management, SIEM, etc).Conduct r...Show moreLast updated: 1 day ago
    Security Architect

    Security Architect

    ObjectWin Technology India Pvt. LtdKA, India
    Quick Apply
    Please find below JD for MRF00741 4-7 years of experience in cybersecurity.Yrs - 20 LPA 5 to 7 Yrs- 20 to 26 LPA.Looking for a Junior Security Engineer...Show moreLast updated: 3 days ago
    • Promoted
    SAP BTP Security Technical Consultant

    SAP BTP Security Technical Consultant

    Tata Consultancy ServicesKarnataka, India, India
    Experience with SAP Cloud Identity Services.SAP Authorization and Trust Management Service.Analyze new business requirements and changes to existing functionalities (small and medium size projects)...Show moreLast updated: 3 days ago
    • Promoted
    Security & DR Automation Eng

    Security & DR Automation Eng

    LTIMindtreeKarnataka, India, India
    Senior Infrastructure Security & Compliance Engineer (Zero-Touch GPU Cloud – GitOps-Driven Compliance & Resilience).Senior Infrastructure Security & Compliance Engineer. Zero-Touch Build, Upgrade, a...Show moreLast updated: 24 days ago
    • Promoted
    Senior Information Security Platform Engineer, ITC

    Senior Information Security Platform Engineer, ITC

    NIKEKarnataka, Karnataka, India
    You’ll be a key member of the SecureCode team within the Application Security Consulting group, collaborating with Corporate Information Security and cross-functional teams across Nike.In this posi...Show moreLast updated: 30+ days ago
    • Promoted
    Cyber Security Engineer

    Cyber Security Engineer

    ACL DigitalKarnataka, India
    ACL Digital (An Alten Group Company) hiring for Cyber Security Engineer / Vulnerability Management Engineer.Interested candidates can reach out at. Location : Bellandur, Bengaluru.Notice Period : Less...Show moreLast updated: 1 day ago
    • Promoted
    Network Security Engineer

    Network Security Engineer

    Tata Consultancy ServicesKarnataka, India, India
    Role : Network Security - Firewall Palo Alto.Hands on experience on Palo Alto network firewalls including Configuration, Firewall rules management. Panorama Management : Proficiency in managing Palo A...Show moreLast updated: 17 days ago
    • Promoted
    HW / FW Automation Eng

    HW / FW Automation Eng

    LTIMindtreeKarnataka, India, India
    Senior Infrastructure Automation Engineer (Zero-Touch GPU Cloud Build & Upgrade).Senior Infrastructure Automation Engineer. Zero-Touch Build, Upgrade, and Certification framework.This role demands d...Show moreLast updated: 24 days ago
    • Promoted
    SecOps Engineer

    SecOps Engineer

    JosysKarnataka, India
    Security Operations (SecOps) Engineer.Engineering Manager – Platform & Security.Josys is on a mission to redefine enterprise IT operations through automation, visibility, and security.As we continu...Show moreLast updated: 1 day ago
    • Promoted
    Senior Information Security Engineer, Insider Threat,ITC

    Senior Information Security Engineer, Insider Threat,ITC

    NIKEKarnataka, Karnataka, India
    You will be part of Corporate Information Security (CIS), reporting into the Data Protection Engineering team under Insider Threat. You will work closely with other CIS, Technical Operations, and De...Show moreLast updated: 30+ days ago
    • Promoted
    GFX IP Verification Engineer

    GFX IP Verification Engineer

    ACL DigitalKarnataka, India
    Ramp up on the GFx IP and the verification infrastructure.Debug C++ based testcases using logs and waveforms.Regression debug and root cause, raise JIRAs and verify the fixes.Debug and fix the PSS ...Show moreLast updated: 1 day ago
    • Promoted
    Lead Information Security Platform Engineer, ITC

    Lead Information Security Platform Engineer, ITC

    NIKEKarnataka, Karnataka, India
    It is a place to explore potential, obliterate boundaries and push out the edges of what can be.The company looks for people who can grow, think, dream and create. Its culture thrives by embracing d...Show moreLast updated: 30+ days ago
    • Promoted
    Security Engineer

    Security Engineer

    TalentiserKarnataka, India
    We’re Hiring : Traffic Security Engineer | Bengaluru, India.Location : Bengaluru | 💼 Experience : 5+ years | 🕒 Full-time. We’re looking for a highly skilled Traffic Security Engineer to design and im...Show moreLast updated: 1 day ago
    • Promoted
    Senior Application Security Engineer

    Senior Application Security Engineer

    AtomicworkKarnataka, India
    Atomicwork is reimagining IT and workplace operations by putting employees at the center of the experience.With a strong emphasis on automation, integration, and security, Atomicwork helps organiza...Show moreLast updated: 1 day ago
    • Promoted
    Senior Information Security Engineer, ITC

    Senior Information Security Engineer, ITC

    NIKEKarnataka, Karnataka, India
    Understands and is experienced in our realm of capabilities and toolsets that we leverage including Endpoint Protection, Web proxy security, email security, IDS / IPS, WAF, PKI and Advanced Threat Pr...Show moreLast updated: 30+ days ago
    • Promoted
    Security Analyst

    Security Analyst

    Tata Consultancy ServicesKarnataka, India, India
    Sailpoint identity engineer certification.Minimum 8+ Years of Experience on Sailpoint IIQ product, java and Angular.In-Depth knowledge of Sailpoint Integration with 3rd party tools.DevOps skills an...Show moreLast updated: 24 days ago
    • Promoted
    C&S Infrastructure Security Engineer - Windows server OS and Mac OS

    C&S Infrastructure Security Engineer - Windows server OS and Mac OS

    Sonata SoftwareKarnataka, India
    Minimum experience of 6 years in engineering & operations of security & compliance of Windows Server OS and Mac OS environment. Hands-on experience in analysing, testing and implementing security-re...Show moreLast updated: 1 day ago