DigiHelic Solutions - Cybersecurity GRC Specialist

We are looking for an immediate joiner for a Cybersecurity GRC (Governance, Risk, and Compliance) Specialist to join our team in Pune or Mumbai. The ideal candidate will have 1+ years of experience and a solid understanding of cybersecurity frameworks, regulations, and compliance processes.

This role is crucial for ensuring our organization adheres to industry standards and maintains a strong security posture. The GRC Specialist will play a key role in risk assessments, policy development, and internal audits.

Key Responsibilities :

- Compliance Management : Assist in maintaining and monitoring compliance with various cybersecurity regulations and frameworks, including ISO 27001, NIST, COBIT, PCI DSS, and CSF.

- Risk Assessment : Participate in conducting risk assessments to identify, analyze, and report on potential security vulnerabilities and threats to the organization's information assets.

- Policy & Procedure Development : Contribute to the development, review, and implementation of cybersecurity policies, standards, and procedures to ensure alignment with regulatory requirements and business objectives.

- Audit & Assurance : Support internal and external audits by gathering evidence, documenting controls, and assisting in the remediation of identified findings.

- Documentation : Maintain accurate and up-to-date documentation of all GRC activities, including risk registers, compliance reports, and audit findings.

- Stakeholder Communication : Effectively communicate cybersecurity risks and compliance requirements to technical and non-technical stakeholders.

Desired Qualifications :

- Experience : 1 to 3 years of experience in a role focused on information security, cybersecurity compliance, risk assessment, or a similar field.

- Education : A Bachelors degree in Information Technology, Computer Science, or a related field, or equivalent practical experience.

- GRC Frameworks : A good understanding of key IT control and security frameworks such as PCI DSS, NIST, COBIT, CSF, and ISO 27001.

- Regulations : Knowledge of domestic and global cybersecurity regulations is essential.

- Problem-Solving : Strong analytical and problem-solving skills with a keen attention to detail.

- Communication : Excellent written and verbal communication skills, with the ability to create clear and concise documentation.

- Teamwork : The ability to work both independently and collaboratively as part of a team.

- GRC Processes : Experience with core GRC processes, including risk management, compliance, and audit procedures.