
CyRAACS

Product GRC Consultant


Job Description

*Bangalore job location with 3-6 years of professional experience*

Responsibilities:

Developing and Updating Control Frameworks

  • Design, develop, and maintain comprehensive control frameworks based on global standards (ISO 27001:2022, SOC 2, CSA STAR, PCI DSS 4.0), regulations (GDPR, CCPA, DPDPA, RBI Master Directions) and frameworks (NIST CSF) for our proprietary niche GRC platform.
  • Regularly review and update the frameworks to reflect changes in the regulatory landscape and information security standards.

Managing Security Certifications

  • Lead the process for obtaining and maintaining security certifications such as ISO 27001:2022 and SOC 2 for the product.
  • Coordinate with internal teams and external auditors to ensure all necessary documentation and evidence are prepared for audits.
  • Manage timelines and project milestones to ensure timely completion of certification processes.
  • Monitor and report on compliance with security standards to internal stakeholders.

Conducting User Testing

  • Conduct user testing to evaluate the usability and functionality of the product.
  • Gather and analyse user feedback to identify areas for improvement.
  • Work with Product Management teams to translate user feedback into actionable changes and enhancements to the product.

Providing User Feedback

  • Synthesize feedback from user testing sessions and ongoing user interactions to develop clear and actionable insights.
  • Communicate these insights to product development teams to inform product updates and iterations.
  • Establish mechanisms for continuous feedback collection to ensure that the product remains aligned with user needs and expectations.

Providing Consulting Support to Clients

  • Offer expert advice and consulting support to clients regarding the implementation and optimization of the product within their operations.
  • Help clients understand how to integrate the product into their existing GRC activities and how to leverage it for maximum benefit.
  • Assist clients in interpreting and applying control frameworks and compliance requirements relevant to their specific industry and regulatory context.

Training and Documentation

  • Develop and maintain comprehensive documentation for the product's control frameworks and compliance features.
  • Work with Product Management teams to create training materials and conduct training sessions for both internal stakeholders and external clients to ensure they are well-versed in using the product effectively.

Continuous Improvement

  • Stay updated with the latest developments in GRC practices, compliance regulations, and risk management strategies.
  • Propose and implement improvements to the product and the internal processes based on evolving best practices and feedback.

Requirements:

Compliance and Regulatory Experience

  • 3 to 6 years of experience with GRC frameworks and standards such as ISO 27001, SOC 2, HIPAA, PCI DSS, GDPR, etc.
  • Proven track record in developing, implementing, and maintaining compliance frameworks.
  • Experience in managing compliance audits and working with external auditors.

Information Security Experience

  • Experience in developing information security practices, policies, and procedures.
  • Experience in conducting risk assessment and end-to-end risk management practices.
  • Knowledge of third-party risk management practices (TPRM).
  • Experience in conducting Privacy Impact Assessments, Business Impact Analysis and developing Business Continuity Plans.
  • Understanding of cybersecurity threats and mitigation strategies.

Project Management Experience

  • Strong project management skills, with experience leading cross-functional projects, particularly in compliance and security certification initiatives.
  • Ability to manage deadlines, coordinate with multiple stakeholders, and deliver projects on time.

Client Interaction and Support

  • Experience in client-facing roles, providing consultation, training, and support.
  • Skills in translating complex compliance and security requirements into actionable advice for diverse audiences.

Software and Technology

  • Hands-on experience with GRC software platforms and tools preferred.
  • Experience in conducting user testing and gathering feedback for software products.

Education

  • Bachelor's degree in computer science, information science, or similar.

Relevant Certifications

  • Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM).


Job ID: 145660619
