Cybersecurity GRC & Compliance

Experience Bachelor’s or Postgraduate degree in a relevant field One or more certifications preferred: ISO 27001, ISO42001, CBCP, CISA, CISM, CRISC, CISSP 2–4 years of hands-on experience in cybersecurity programs, audits, risk management, compliance, or remediation

Qualifications Knowledge and experience in Application Security and Cybersecurity. Proficiency in Network Security and Information Security practices. Understanding of governance, risk, and compliance in cybersecurity contexts. Familiarity with standards like ISO 27001, NIST, or GDPR is a plus. Strong analytical and problem-solving skills. Experience with threat assessment, mitigation strategies, and incident response processes. Ability to effectively communicate and collaborate with cross-functional teams. A relevant degree in Information Technology, Cybersecurity, or equivalent experience. Professional certifications such as CISSP, CISM, or CISA are advantageous but not mandatory.

Key responsibilities Implement and manage security controls and risk assessment frameworks (ISO 31000, NIST) aligned with regulatory and business requirements Identify, evaluate, and mitigate risks through well-defined security policies, procedures, and controls Enhance security posture through process improvements, automation, and continuous capability development Design and implement GRC processes to automate and monitor controls, risks, exceptions, and testing activities Enhance dashboards, metrics, and reporting artifacts for effective risk and compliance tracking Conduct periodic assessments to evaluate the effectiveness and efficiency of security controls Ensure compliance with standards and regulations such as PCI DSS, SOX, SOC 2, HIPAA, RBI guidelines, ISO standards, and

DPDPA (Digital Personal Data Protection Act, India) Perform risk assessments across incidents, vulnerabilities, patching, penetration testing, phishing, and social engineering scenarios Identify control gaps, document findings, and provide actionable remediation guidance Track and report remediation progress to stakeholders and leadership Collaborate with cross-functional teams to support and strengthen the security program Provide training and guidance on security assessments and compliance requirements Stay updated with industry best practices and emerging cybersecurity trends

Why Join Us Comprehensive salary package with competitive compensation Complete project ownership - almost too much responsibility and ownership of projects Startup culture - fast-paced, innovative, and collaborative environment Brewery parties and fun team outings to celebrate wins Company Onsite / Fun Events and team building activities Work with skilled security researchers and certified white hat hackers Continuous learning and professional development opportunities Work on diverse and challenging security projects Opportunity to make real impact in cybersecurity industry Flexible work environment with focus on work-life balance