H

SENIOR DOMAIN ANALYST - GRC - Risk management

Happiest Minds Technologies · Noida, Uttar Pradesh, India

6–12 yrs experiencefull_timePosted 4w ago
Apply now →

Job description

The Application Risk Analyst role in our Cyber Governance, Risk, and Compliance (GRC) team is key to meeting cybersecurity goals and ensuring regulatory compliance across all units. This is an outstanding opportunity to join a dynamic team and help maintain a secure and resilient IT infrastructure! What Youll Do - Conduct technical application risk assessments to identify cyber vulnerabilities and operational and regulatory threats. - Collaborate with agile Product teams and GIS to implement mitigating technical controls aligned with GIS policies and regulatory standards. - Prepare detailed assessment reports for Business Unit owners, highlighting key risks and policy exceptions through threat modeling. - Partner with GIS and Business Units to develop and implement risk exception plans and strategies. - Support the development of automated quantitative and qualitative risk analyses and reporting processes. - Liaise with internal and external auditors to provide documentation and evidence for compliance with international security standards (SOC-2, ISO 27001, PCI DSS, NIST CSF 2.0). - Provide mentorship on changes in product security and regulatory landscapes, updating Security Policies, Standards, and Technical Security Requirements as needed. - Support the delivery of the wider GIS Security program in line with strategy and important metrics. What Were Looking For - Self-motivated and adaptable to an ever-changing cybersecurity environment. - Excellent collaboration skills, eager to work as part of a cohesive, distributed team. - Outstanding analytical and critical thinking skills. - Comprehensive communication skills, including effective listening, data gathering, and idea articulation. - 10+ years of experience in information security with a relevant degree. - IT Audit, Internal Audit, and/or cyber advisory experience are a plus. - Familiarity with cybersecurity industry standards and frameworks such as NIST CSF, NIST 800-53, ISO 27001, and PCI DSS. - Preferred certifications: CISSP, CCSP, CISM, CISA, CompTIA Security+, GIAC. Disclaimer : This job posting has been aggregated from external source. Role details, content, and availability are subject to change. Applicants are advised to confirm the latest information directly on the company website before applying.