GRC/Infosec Analyst

People from Big 4 / NBFCs / banks

Person must be ISO 27001 certified

The role will entail the management of Governance risk compliance, RBI regulations, Audit risk Assessments.

Exp range : 3-6 years

Location : Navi Mumbai

Role:

- Conducted internal audits based on ISO 27001, 27017, 27018, 27701, NIST 800-53, and NIST CSF for 30 client accounts across 4 locations.

- Led governance, risk, and compliance discussions, aligning security objectives with regulations and addressing key domain gaps effectively.

- Evaluated security technologies like SIEM, DLP, EDR, PIM/PAM, and CI/CD to enhance risk management and compliance frameworks.

- Executed third-party security risk assessments for 20 vendors handling sensitive client data, including PII, PHI, PCI, and critical IT assets.

- Led GDPR and CCPA compliance projects, conducted DPIAs by creating privacy policies, in alignment with the regulatory frameworks.