IN_Associate_Cybersecurity Governance_Cyber as a Service_Advisory_Pan India

Description & SummaryWe are seeking a skilled and experienced Cybersecurity Governance & Risk Manager to lead and execute key cybersecurity governance, risk management, and compliance activities. This role will be responsible for managing cyber risk scoring, third-party risk assessments, policy and SOP reviews, and ensuring compliance with various regulatory frameworks including ISO 27001, PCI DSS, and ISO 27701 (PIMS). The ideal candidate will have hands-on experience in cybersecurity governance, audit coordination, and GRC tool operations. Responsibilities: 1. Security Governance Cyber Risk Score Management Evaluate and publish monthly cybersecurity risk scores based on defined KPIs. Revise KPI weightage and identify new KPIs in consultation with leadership. Collect and validate KPI data and artefacts. Publish dashboards and derive actionable insights for management. Security Policy Tools & Technology Governance Review 30 critical security tools for policy alignment and compliance. Conduct periodic reviews and present findings to GRC leads. SOP Review & Management Review and update 25 SOPs for accuracy and compliance. Collaborate with SMEs to improve SOPs and maintain a centralized repository. --- 2. Risk Governance & Management Third Party Risk Management (TPRM) Classify vendors and conduct quarterly on-site assessments for vendors. Publish assessment reports and follow up on open observations. Maintain vendor and audit master data. Enhance audit checklists and collaborate across functions. Identify automation opportunities and conduct quarterly training sessions. --- 3. Compliance Services GRC Tool Operations Create and manage controls for multiple standards (ISO, PCI DSS, UIDAI, RBI, etc.). Configure assessments and manage respondent roles. Provide training and support for tool users. Track issues, remediation, and enhancements. Drive ICFR self-assessments and regulatory compliance reporting. ISO 27001 & PCI DSS Maintenance Manage ISMS framework and certification upkeep across locations. Conduct bi-annual internal audits and support external audits. Perform MRM meetings, InfoSec trainings, and annual risk assessments. Conduct PCI DSS retail assessments using GRC tools. Privacy Information Management System (PIMS) Manage ISO 27701 certification and framework. Conduct internal and external audits, track remediation efforts. Update documentation and conduct annual MRMs and risk assessments. Lead training and awareness programs. Requirements 2–5 years of experience in cybersecurity governance, risk management, and compliance. Strong understanding of GRC tools and frameworks. Experience with ISO 27001, PCI DSS, and privacy regulations. Excellent communication and stakeholder management skills. Ability to travel PAN India for on-site assessments and audits. Certifications such as CISA, CISM, ISO 27001 LA are highly preferred. Mandatory Skill Sets: Cybersecurity Preferred Skill Sets Cyber Audits, Assessment Years of Experience Required: 2+ Years Education Qualification: Any Graduate Education Degrees/Field of Study required: Bachelor DegreeDegrees/Field of Study preferred:Certifications Required Skills CybersecurityOptional Skills Accepting Feedback, Accepting Feedback, Active Listening, Agile Methodology, Azure Data Factory, Communication, Cybersecurity, Cybersecurity Framework, Cybersecurity Policy, Cybersecurity Requirements, Cybersecurity Strategy, Emotional Regulation, Empathy, Encryption Technologies, Inclusion, Intellectual Curiosity, Managed Services, Optimism, Privacy Compliance, Regulatory Response, Security Architecture, Security Compliance Management, Security Control, Security Incident Management, Security Monitoring {+ 3 more}Desired Languages Travel Requirements Not SpecifiedAvailable for Work Visa Sponsorship? NoGovernment Clearance Required? NoJob Posting End Date

Apply Now