Overview

GRC and Information Security Associate Jobs in Bengaluru, Karnataka, India at TestUnity

Title: GRC and Information Security Associate

Company: TestUnity

Location: Bengaluru, Karnataka, India

The GRC (Governance, Risk, and Compliance) and Information Security Associate plays a crucial role in safeguarding the organization’s information assets while ensuring compliance with regulatory requirements. This position is responsible for supporting the development, implementation, and maintenance of effective governance, risk management, and compliance programs aligned with industry standards and best practices. The role serves as a liaison between various departments and assists in shaping the organization’s strategy regarding information security. By systematically identifying risks and establishing security protocols, the Associate helps to minimize vulnerabilities, protect sensitive data, and foster a culture of compliance. Their actions ensure that the organization can mitigate risks and respond effectively to security incidents, thereby enhancing the overall security posture.

Key Responsibilities

Assist in developing and implementing the GRC framework.

Conduct risk assessments to identify vulnerabilities and threats.

Monitor compliance with applicable laws and regulations.

Manage and track the risk register.

Collaborate with other departments to ensure a unified approach to information security.

Help design and deliver training on information security policies and best practices.

Prepare reports on compliance status for management review.

Assist in the development of incident response plans.

Participate in audits and regulatory assessments.

Evaluate security technologies and recommend solutions.

Support the organization in third-party risk assessments.

Maintain documentation related to policies, procedures, and security measures.

Engage with stakeholders to promote security awareness.

Provide support during security incident investigations.

Stay updated on information security trends and best practices.

Required Qualifications

Bachelor’s degree in Computer Science, Information Technology, or related field.

Minimum of 2 years' experience in GRC or information security.

Understanding of relevant regulations (e.g., GDPR, HIPAA, PCI-DSS).

Experience with risk assessment methodologies.

Familiarity with security frameworks (e.g., NIST, ISO 27001).

Certifications such as CISA, CISM, or CRISC preferred.

Strong analytical skills and attention to detail.

Ability to communicate technical information to non-technical audiences.

Proficiency in security tools and software.

Experience with incident response procedures.

Excellent organizational skills.

Ability to work collaboratively in team settings.

Strong problem-solving skills.

Willingness to learn and adapt to new security technologies.

Demonstrated ability to handle confidential information.

Keen interest in the evolving landscape of information security.

Skills: incident response, compliance, information security, security frameworks (nist, iso 27001), data security, governance, risk, and compliance (grc), technical proficiency, analytical skills, communication skills, grc, regulatory compliance, risk management, security tools and software, policy development, team collaboration, threat assessment, risk assessment

About TestUnity