We are seeking a dedicated and experienced Governance, Risk, and Compliance (GRC) Specialist to join our team. This role requires a proactive individual with a keen eye for detail and a strong understanding of regulatory requirements, risk management principles, and audit and assessment methodologies. Experience 6+ years Key Responsibilities: 1.Governance: o Assist in the development and implementation of governance frameworks, policies, and procedures. o Support the alignment of governance initiatives with organisational objectives and regulatory requirements. o Monitor compliance with governance policies and report findings to senior management. 2.Risk Management: o Identify, assess, and manage risks associated with business operations and strategic initiatives. o Conduct risk assessments and develop risk mitigation plans. o Monitor and report on the effectiveness of risk management processes and controls. 3.Compliance: o Ensure compliance with relevant laws, regulations, and industry standards. o Develop and maintain compliance policies, procedures, and documentation. o Conduct regular compliance audits and assessments. o Provide training and guidance to employees on compliance-related matters. 4.Audit and Assessment: o Plan, execute, and report on internal and external audits. o Perform regular assessments of internal controls, processes, and systems. o Identify areas of improvement and recommend corrective actions. o Ensure audit findings are addressed and remediated in a timely manner. o Coordinate with external auditors and regulatory bodies during audits and inspections. 5. Third-Party Risk Management (TPRM) o Perform third-party/vendor risk assessments based on defined risk methodologies. o Conduct due diligence reviews, including security, privacy, and compliance evaluations. o Review vendor security questionnaires, SOC reports, ISO certificates, and other assurance artifacts. o Classify vendors based on criticality and risk tiering. o Define and monitor third-party risk treatment and remediation plans. 5.Incident Management: o Assist in the development and implementation of incident management procedures. o Investigate and report on compliance incidents and breaches. o Coordinate with internal and external stakeholders to resolve compliance issues. 6.Continuous Improvement: o Identify opportunities for process improvements in GRC activities. o Stay updated on the latest developments in GRC best practices and regulatory changes. o Participate in GRC-related projects and initiatives as required. Qualifications: o Bachelor’s degree in Business Administration, Finance, Information Technology, or a related field. o Knowledge of relevant regulatory requirements and industry standards (e.g., ISO 27001, ISO 27701,GDPR, RBI, SEBI, PCI DSS,ITGC, SOC 2 Type 2). o Experience with GRC tools and software. o Strong analytical and problem-solving skills. o Excellent communication and interpersonal skills. o Ability to work independently and as part of a team.

About Cytrusst

Cytrusst offers highly reliable and efficient cyber security deliverables to all our valued customers on various verticals like services, solutions, compliance and awareness sessions and guidance. Cytrusst, we provide cutting-edge cybersecurity solutions to safeguard your organization from evolving digital threats. Our Product offerings focus on the key areas: Cyber Attack Surface Management (CASM/CTEM), Cloud Security (CSPM & CNAPP), AI- Driven Governance, Risk, and Compliance (GRC), Third-Party Risk Management (TPRM)