Senior Associate Consultant - GRC

Job Description

ANZEN Technologies Private Limited. stands as an unparalleled powerhouse, empowering organizations across industries with our visionary services, cutting-edge solutions, and ground-breaking services in the realm of Cyber Security, IT Governance, Risk Management, and Compliance. As your trusted partner, we offer a comprehensive suite of End-to-End security services and consultancy, tailored to safeguard critical infrastructure installations, elevate the standards of BFSI, eCommerce, IT/ITES, Pharmaceuticals, and an array of other sectors. Position : Senior Associate Consultant Key Responsibilities: GRC Strategy and Planning: Develop and implement comprehensive GRC strategies, policies, and procedures aligned with organizational goals and objectives. Define and prioritize GRC initiatives based on risk assessments, regulatory requirements, and industry best practices. Continuously evaluate and update GRC frameworks to adapt to evolving threats and compliance landscapes. Risk Management: Conduct risk assessments to identify, analyze, and prioritize risks across the organization. Develop risk mitigation strategies and controls to address identified risks effectively. Monitor and report on risk exposure and mitigation efforts to senior management and stakeholders. Compliance Management: Ensure compliance with relevant laws, regulations, and industry standards, such as GDPR, HIPAA, PCI DSS, etc. Monitor changes in regulatory requirements (SEBI, RBI, IRDAI etc) and assess their impact on the organization's compliance posture. Coordinate compliance audits, assessments, and certifications, and remediate any identified issues or deficiencies. Audit Management: Plan, coordinate, and oversee internal and external audit activities, including IT audits, compliance audits, and third-party audits. Develop audit plans, programs, and testing procedures to assess the effectiveness of controls and compliance with policies and regulations. Review audit findings, assess control deficiencies, and collaborate with stakeholders to develop and implement remediation plans. Monitor and track the progress of audit remediation efforts and report on the status to senior management and audit committees. Policy Development and Enforcement: Develop, review, and update information security policies, standards, and guidelines in alignment with regulatory requirements and industry best practices. Establish mechanisms for policy enforcement and monitor adherence to policies across the organization. Cross-Functional Collaboration: Collaborate with internal stakeholders, including IT, legal, finance, and operations, to integrate GRC principles into business processes and initiatives. Provide guidance and support to business units on GRC-related matters, including risk assessments, compliance requirements, and controls implementation. Training and Awareness: Develop and deliver GRC training programs and awareness campaigns to educate employees on their roles and responsibilities in maintaining compliance and managing risks. Foster a culture of compliance and risk awareness throughout the organization. Qualifications and Skills: Bachelor's degree in Information Security, Risk Management, Business Administration, or related field. Masters degree or relevant certifications (e.g., CISA, CISSP, CRISC, CISM) preferred. Minimum of 5 years of experience in governance, risk, and compliance roles, with a focus on information security and IT risk management, including audit management experience. Strong understanding of regulatory requirements and industry standards related to information security and data privacy (e.g., GDPR, HIPAA, ISO 27001). Proficiency in audit methodologies, risk assessment frameworks, compliance frameworks, and control frameworks (e.g., NIST Cybersecurity Framework, COBIT, ITIL). Excellent analytical, problem-solving, and decision-making skills. Effective communication and interpersonal skills, with the ability to collaborate with diverse stakeholders and influence change. Proven track record of leading GRC initiatives, conducting audits, and driving process improvements. Ability to work independently and manage multiple priorities in a fast-paced environment. Office Address : ANZEN Technologies Private Limited Akshar Business Park, H - 3025, 3rd Floor, Plot No. 3, Sector-25, Vashi, Navi Mumbai 400703 https://anzentech.com Immediate Joiner may apply