Drevol

Sr IT Governance, Risk & Compliance (GRC) Analyst

  • Posted a month ago

Job Description

Location: Vadodara

Job Title: Senior IT Governance, Risk & Compliance (GRC) Analyst

Department: Technology / Information Security & Risk

Job Summary

We are seeking a Senior IT Governance, Risk & Compliance (GRC) Analyst to lead security and privacy risk management initiatives across the organization. This role partners with business, IT, legal, supply chain, and operations teams to strengthen security posture through standards-based governance, risk assessments, and continuous improvement.

Key Responsibilities

  • Design and drive enterprise security and privacy risk assessments; identify, assess, and document risks.
  • Develop and maintain IT and Security policies, standards, and guidelines.
  • Partner with business, IT, legal, security, and operations teams to advance security maturity using a controls-based approach.
  • Support Business Continuity Program development and implementation with cross-functional stakeholders.
  • Drive risk remediation plans and support formal risk acceptance for residual risks.
  • Enable secure product and business releases through risk identification, mitigation, and consultation.
  • Define and track security and compliance metrics (KPIs/KRIs).
  • Continuously improve and automate security governance and operational processes.

Required Skills & Experience

  • 5+ years of experience in Security Governance, Risk & Compliance, or IT Audit.
  • Hands-on experience with Microsoft Purview and GRC tools such as OneTrust.
  • Strong knowledge of security frameworks and standards (NIST CSF, ISO 27001, PCI, HIPAA, ISF, CVSS).
  • Understanding of global privacy regulations (GDPR, CCPA, PIPA, etc.).
  • Solid technical understanding of infrastructure and security controls, including Zero Trust, IAM, network security, vulnerability management, and CIS benchmarks.
  • Strong communication skills with the ability to explain technical risks to non-technical stakeholders.

Preferred Qualifications

  • Security or privacy certifications such as CISA, CISM, CISSP, CIPP, or equivalent.

Soft Skills

  • Self-driven, collaborative, and adaptable.
  • Strong problem-solving and stakeholder management skills.
  • Comfortable working in fast-paced, evolving environments.


Job ID: 142911201