GRC Analyst

Role: Governance, Risk and Compliance Anayst Location: Aundh, Pune, Maharashtra About the company Credit cards haven't changed much for over half a century so our team of seasoned bankers, technologists, and designers set out to redefine the credit card for you - the consumer. The result is OneCard - a credit card reimagined for the mobile generation. OneCard is India's best metal credit card built with full-stack tech. It is backed by the principles of simplicity, transparency, and giving back control to the user. Key Responsibilities: Policy and Procedure Management: Assist in the regular review, development, and updating of information security policies, procedures, and standards to ensure they remain current with industry best practices and regulatory requirements. Compliance Monitoring: Support continuous compliance monitoring activities across different frameworks. This includes tracking and reporting on Key Performance Indicators (KPIs) to measure the effectiveness of security controls. Vulnerability Management: Collaborate with technical teams to track the remediation and closure of identified vulnerabilities, ensuring that they are addressed within agreed-upon timelines. Vendor Risk Management: Participate in the third-party risk management program by conducting security due diligence and risk assessments of new and existing vendors to ensure they meet our security standards. Reporting: Assist in preparing reports and dashboards for management on the status of GRC initiatives, risk posture, and compliance levels. Audit Support: Provide support during internal and external audits by helping to gather evidence and documentation. Experience: 0-2 years of relevant experience in a GRC, information security, or IT audit role with strong foundational knowledge of information security principles and practices. Skills and Qualifications: A Bachelor’s degree in Information Technology, Cyber Security, Computer Science, or a related field is required. Framework Proficiency: Must have a strong understanding of security and compliance frameworks such as ISO 27001, SOC 2, and PCI DSS. Analytical & Problem-Solving Skills: Excellent analytical skills with a keen eye for detail and a creative approach to problem-solving. Ownership and Initiative: A proactive and self-motivated individual with a strong sense of ownership and responsibility. Capable of working independently on assigned tasks and making well-reasoned decisions. Communication: Strong written and verbal communication skills, with the ability to collaborate effectively with cross-functional teams. Certifications: Any additional cybersecurity or GRC-related certifications (e.g., CompTIA Security+, ISO 27001 LA/LI) are an advantage but not mandatory. Nice to have - Regulatory Knowledge: Familiarity with RBI regulations and guidelines for Fintech companies in India is highly desirable.

Apply Now