GRC Consultant

Job Title: GRC Consultant

Location: Chennai, IN(hybrid)

Type: Fulltime

Description:

The Information Security Analyst will collaborate with the Information Security Officer and will be responsible for assessing, designing, and implementing security controls to protect data and systems in accordance with industry standards and compliance requirements.

The candidate will implement and support client's security policies and controls to ensure the confidentiality, integrity, and availability of all company assets.

The candidate will perform risk assessments on Client, its projects, and its third parties.

Responsibilities:

Assists with day-to-day support of client's information security program to ensure protection of all sensitive information.

Monitors security controls for problem identification and resolution.

Performs internal risk assessments and risk assessments of third parties.

Assists in responding to client and supplier contracts, inquiries, audits, etc.

Assists in recommending appropriate security safeguards that need to be included during development of new information systems as well as legacy systems.

Assists with the evaluation of controls and collection of evidence to facilitate compliance audits.

Assists with the development of security training and awareness for all associates.

Maintains a general knowledge of applicable United States and International information security standards and information privacy laws as well as advancements in technologies to ensure organizational compliance.

Recommend updates to security policies and practices in accordance with changes in privacy law or regulatory requirements.

Keeps abreast of emerging security threats and technologies and recommends appropriate security controls.

Qualifications:

Successful candidates should possess the following:

A bachelor degree in Information Security/Assurance, Computer Science, Management Information Systems or a related field is preferred.

Possesses working knowledge of privacy and security best practices used in industries that require the highest levels of data protection.

Experience implementing information security policies in regulated industries to ensure compliance with HIPAA, NYDFS, GDPR, GLBA, and other applicable laws and regulations.

Knowledge of security frameworks such as NIST, ISO, and HITRUST CSF.

Ability to express complex technical concepts effectively, both verbally and in writing.

Ability to manage multiple tasks and projects simultaneously.

Thanks and Regards,

Namrata Goutam

Recuitment Manager(India/US)

Email:[Confidential Information]

Enpowertek

www.enpowertek.com