Amagi - Analyst - Governance / Risk & Compliance

What are we looking for in potential candidates?.

• Be a team player.
• Be hands-on at work.
• Believe in adopting an innovative approach towards cybersecurity risk management and governance.
• Willingness to learn technical aspects of security.
• Self starter.

Who will the role report to?.

• This role will report to the Director GRC.

What is the scope of operation?.

• Third-Party Risk Management (TPRM).
• Support for Audit Readiness and Evidence Collection.
• Internal Governance and Risk Management.

What is the desired outcome in the next two years?.

• A sustainable vendor security risk management process.
• A sustainable internal compliance team.
• Continuous monitoring and reporting of the Product risk posture.
• Processes to monitor the implementation effectiveness of security controls.

Key Responsibilities.

• Support products in sustaining SOC2 compliance by regular internal assessments.
• Engage with vendors for regular security and risk review.
• Continuous monitoring and scoring of vendor risk.
• Monitor security control effectiveness and highlight deviations.
• To carry out Amagi's Security Awareness Program.
• Manage governance documentation.

Required Competencies :

• Basic understanding and working knowledge of AWS / GCP.
• Basic understanding of security standards, policies, and processes.
• Basic understanding of SOC2, audit, and compliance validation.
• Working knowledge of carrying out TPRM assessments.
• Good documentation skills.
• Ability to work cross-functionally with Legal,IT and Engineering.
• Strong analytical and problem-solving mindset.
• Comfort with ambiguity and willingness to shape early-stage processes.

Work Experience :

1-3 Years of experience in Vendor risk management and Compliance review.

(ref : iimjobs.com)