GRC Executive 1
Sunera Technologies
Hyderabad, IN
3d ago

Job ID : SU1034

Role : GRC Executive 1

Type of Employment : Permanent

Work Location

Hyderabad - Gachibowli / Uppal

Required Qualifications

B.Tech or B.Sc (Stats)

General Shifts

Experience in terms of number of years

4 to 6 years

Role & Responsibilities

  • Experience in Audits and Assessments preferably covering ISO 27001, SOC 1 & SOC 2 Type 2, GDPR and HIPAA.
  • Helping to manage the development and implementation of security policies, standards, guidelines and procedures to ensure the ongoing improvement and maintenance of security posture in line with ISO 27001, SOC 1 & SOC 2 and GDPR standards & regulations.
  • Develop and maintain assessment checklists and documents. Conduct comprehensive risk assessments and prepare impeccable reports.
  • Conduct process-understanding discussions with clients as part of assessing risks arising from their use of technology, and identify control gaps within their processes.
  • Perform SOC 1 and SOC 2 (System and Organization Controls) assessments in accordance with the attestation standards established by the AICPA (American Institute of Certified Public Accountants).
  • Assist in planning activities, development of the audit program, and execution of internal audits and IT control assessments in the following areas: cybersecurity, IT strategy and governance, IT operations, business continuity and disaster recovery, network and infrastructure security, cloud and third-party risk, programs and projects, application controls, and regulatory/compliance requirements.
  • Review current processes and controls against leading practice and industry frameworks, identify gaps in design and execution, and communicate issues and recommendations to engagement leads and client management.
  • Work with client management team to assist in implementation of new processes and controls to address key risks, as necessary.
  • Experience in identifying control gaps and communicating audit findings and control redesign recommendations to Sr. Management and Clients.
  • Candidate should have sound knowledge of Business Impact Analysis, Risk Assessment Methodology, and the Business continuity standard.
  • Candidate should have sound knowledge of Information Security policy and procedures, and knowledge of the statement of applicability.
  • Technical knowledge of information security and privacy is preferred.

ISO 27001 LA certification is mandatory.

Key Skills

  • Data Privacy
  • Risk Assessment
  • Information Security Management System
