Cybersecurity GRC & Compliance

Experience • Bachelor’s or Postgraduate degree in a relevant field • One or more certifications preferred: ISO 27001, ISO42001, CBCP, CISA, CISM, CRISC, CISSP • 2–4 years of hands-on experience in cybersecurity programs, audits, risk management, compliance, or remediation Qualifications • Knowledge and experience in Application Security and Cybersecurity. • Proficiency in Network Security and Information Security practices. • Understanding of governance, risk, and compliance in cybersecurity contexts. • Familiarity with standards like ISO 27001, NIST, or GDPR is a plus. • Strong analytical and problem-solving skills. • Experience with threat assessment, mitigation strategies, and incident response processes. • Ability to effectively communicate and collaborate with cross-functional teams. • A relevant degree in Information Technology, Cybersecurity, or equivalent experience. • Professional certifications such as CISSP, CISM, or CISA are advantageous but not mandatory. Key responsibilities • Implement and manage security controls and risk assessment frameworks (ISO 31000, NIST) aligned with regulatory and business requirements • Identify, evaluate, and mitigate risks through well-defined security policies, procedures, and controls • Enhance security posture through process improvements, automation, and continuous capability development • Design and implement GRC processes to automate and monitor controls, risks, exceptions, and testing activities • Enhance dashboards, metrics, and reporting artifacts for effective risk and compliance tracking • Conduct periodic assessments to evaluate the effectiveness and efficiency of security controls • Ensure compliance with standards and regulations such as PCI DSS, SOX, SOC 2, HIPAA, RBI guidelines, ISO standards, and DPDPA (Digital Personal Data Protection Act, India) • Perform risk assessments across incidents, vulnerabilities, patching, penetration testing, phishing, and social engineering scenarios • Identify control gaps, document findings, and provide actionable remediation guidance • Track and report remediation progress to stakeholders and leadership • Collaborate with cross-functional teams to support and strengthen the security program • Provide training and guidance on security assessments and compliance requirements • Stay updated with industry best practices and emerging cybersecurity trends Why Join Us • Comprehensive salary package with competitive compensation • Complete project ownership - almost too much responsibility and ownership of projects • Startup culture - fast-paced, innovative, and collaborative environment • Brewery parties and fun team outings to celebrate wins • Company Onsite / Fun Events and team building activities • Work with skilled security researchers and certified white hat hackers • Continuous learning and professional development opportunities • Work on diverse and challenging security projects • Opportunity to make real impact in cybersecurity industry • Flexible work environment with focus on work-life balance