IT-GRC Analyst
- Black Box
- 5 - 10 years
- Bengaluru
- 1 month ago
- Email to a friend
- Report this job
Job Description
Primary Roles & Responsibilities:
- Understand Blackbox Internal Business services and review proposed customer contracts for compliance, risks privacy, security and regulatory issues
- Coordinate external & Internal audits of the Blackbox IT environment and collate evidence submitted by technical team
- God understanding of security concepts, drivers of risk and mitigation control, BCP, DR, Risk Management 3 rd party vendor Audits and Management, policies and procedure writing and evaluations, IT - general and application controls
- Develop and maintain both continuous and spot check, autonomous and manual audit processes
- Educate users on IT controls processes and play an advisory role internally.
- Perform end - to end contracts evaluation for risk, compliance, and security evaluations and expectations.
- Report on compliance results & metrics to executive teams
- Provide continual improvement objectives to better align to external requests
- Build a strong knowledge and understanding of systems and processes
- Assist in development of data governance processes and RACI
- Review and update internal corporate Policies based on Industry best practices and Regulatory requirements
- Understand and document Data workflows and lifecycles
- Establish Processes to improve the life cycle Management of Contracts
- Possess experience or good knowledge on IT controls mapping as per global standards.
Knowledge, Skills, Abilities:
- Strong familiarity with risk, compliance, and audit frameworks and the various ways they are applied in IT environments
- Understanding of Global data privacy and security regulations - like GDPR, CCPA etc. both at global and US state levels for data privacy laws and requirements.
- Ability to scope, assess, and revise contracts and suggest edits based on business drivers and compliance needs.
- Ability to find root causes of control failures and mitigate risks accordingly
- Ability to create and maintain policies, procedures and guidelines for the Company and maintain its lifecycle in SharePoint
- Ability to educate the company employees and respond to policy related queries.
- Ability to implement controls in a diverse technical and geographically distributed environment to mitigate risk
- Ability to convince a highly varied audience to follow prescribed controls
- Comfort with presenting progress reports and results to senior leadership
- Understanding of process design and compliance terminology
- Ability to write and speak clearly, consistently, and concisely
- Ability to Multitask responses to multiple Contracts and meet given deadlines
- Ability to be self-driven, Motivated with end-to-end ownership on contracts management
- Excellent Audit Life Cycle Management skills, Expert use of Excel sheet, Word document management, PPT, ability to track documents versions, evidence etc.
- Excellent written and verbal communication skills and English language command.
Education/Experience Requirements:
- BA business or information technology or equivalent experience.
- Minimum 5 years or more of prior experience in IT-GRC domain like IT risk, auditing, Contracts evaluation, Data privacy, compliance evaluation etc. strongly preferred.
- Knowledge of working with US & Global regulations and compliance requirements like HIPAA, PCIDSS, GDPR and US state level laws like CCPA etc.
Frameworks / Industry Standard & Regulations
- Data Privacy Laws like GDPR, CCPA,
- PCIDSS, SOC2, HIPAA
- Security and Assurance standards like NIST 800-53 controls, NIST CSF, CIS controls, ISO 27001 standards
Certifications Desired / Preferred
- CISA and/or CRISC and/or CGEIT
- ISO 27001 L.A or CISM or CISSP - Desirable.
Job Classification
Industry: IT Services & ConsultingFunctional Area / Department: OtherRole Category: OtherRole: OtherEmployement Type: Full timeContact Details:
Company: Blackbox AnalyticsLocation(s): Bengaluru+ View Contact
Keyskills: Process design Business services Assurance Cisa HIPAA ISO 27001 Document management Risk management Information technology Auditing
Fraud Alert to job seekers!
₹ Not Disclosed
Similar positions
Black Box
We help improve and integrate all core planning processes of an organization in one smart.simple.fun management system.
Job Listings
We are in open beta version of website, please let us know if any issues, at: info(at)indigojobs.in