hirist

Job Description

Job Summary:

We are seeking a detail-oriented and knowledgeable GRC Analyst to join our security and compliance team. The ideal candidate will be responsible for conducting vendor risk assessments, supporting internal governance, risk, and compliance initiatives, and ensuring adherence to industry frameworks and standards. This role requires deep technical knowledge of information security, strong understanding of IT control frameworks, and hands-on experience implementing risk and compliance measures across various domains.

Key Responsibilities:

- Conduct comprehensive vendor risk assessments and third-party security reviews.

- Map and assess controls against major industry frameworks, including:
  • ISO 27001/27002
  • NIST SP 800-53
  • NIST CSF
  • SANS Critical Security Controls
  • CIS Controls
  • COBIT
  • SOC 2 (TSC 2017)
  • PCI DSS

- Assist in the development, documentation, and maintenance of security policies, standards, and procedures.

- Evaluate the effectiveness of IT General Controls (ITGCs) and ensure compliance with internal and external audit requirements.

- Collaborate with cross-functional teams to identify, assess, and mitigate information security risks.

- Participate in internal risk assessments, audits, and remediation planning.

- Maintain up-to-date documentation for GRC processes, workflows, and risk registers.

- Provide support for security awareness and compliance training programs.

- Monitor regulatory and compliance changes and recommend appropriate responses.

Required Qualifications:

- Bachelor's degree in Information Security, Computer Science, Information Systems, or related field (preferred).

- Proven experience conducting vendor risk assessments and third-party due diligence.

- Strong understanding of information security principles, risk management practices, and control frameworks.

- Excellent working knowledge of security standards and best practices:

  • ISO 27001
  • NIST (800-53, CSF)
  • SOC 2 (TSC 2017)
  • PCI DSS
  • CIS Controls
  • SANS CSC
  • COBIT

Preferred Certifications (one or more):

  • CISA - Certified Information Systems Auditor
  • CISM - Certified Information Security Manager
  • CISSP - Certified Information Systems Security Professional

Desired Skills:

- Proficiency in evaluating technical security controls, particularly around logical access control, encryption, network security, and system hardening.

- Ability to analyze complex security issues and clearly communicate findings and recommendations.

- Strong verbal and written communication skills for reporting and stakeholder interaction.

- Highly organized, detail-oriented, and able to manage multiple tasks simultaneously.
