SAP GRC

SN Required Information Details 1 Role Jr. GRC Analyst / Consultant 2 Required Technical Skill Set Experience in cybersecurity risk assessment, Control testing and Compliance audits 3 No of Requirements 4 4 Desired Experience Range 3 to 6 Years 5 Location of Requirement Any location across India (Prefered Mumbai, Chennai, Delhi, Bangalore or Hyderabad)  
  Desired Competencies (Technical/Behavioral Competency) Must-Have Technical:

• Security Framework Alignment and Related Controls Testing (NIST, CoBIT, ISO 27001)
• SOX Testing for IT Controls
• IT Compliance audits
• Vendor Risk Assessments
• Contribute to documentation of Information Security Policies, Standards, Processes, and Procedures.
• Manage and perform cybersecurity assessments on emerging/ongoing business initiatives, third-party services
• Evaluate third-party products/services by reviewing standardized questionnaires, evidencing their controls

Non-Technical:

• Analytical thinker
• Collaborative team player
• Eexcellent written and verbal communication
• Capable of bridging the gap between business demands and cybersecurity requirements
• Ability to  articulate cybersecurity risks in business terms
• Demonstrable knowledge of information security standards, data security practices and procedures
• Understanding of the impact of various data protection and integrity controls, operating systems and network security controls, authentication controls, and security protocols
• Requires demonstrable knowledge of security principles to a diverse range of risk scenarios to coordinate acceptable solutions between business needs, technology operations, and information security best practices

Good-to-Have

• Familiarity with GRC Tools (RSA Archer, ServiceNow GRC)
• Certifications like CISA, CISSP, CISM, CRISC etc.

  SN Responsibility of / Expectations from the Role 1 Conduct risk assessments, Control testing & vendor Risk Assessments 2 Documentation and reporting of findings 3 Provide regular updates and reports to the customer