Governance, Risk & Compliance Risk Analyst
Location
Bangalore | India
Job description
- As a GRC Risk Analyst, you should have extensive experience coordinating with program and project leaders to identify security requirements and gaps in system architecture and deployment.
- You'll collaborate with the team to maintain a high standard of technical excellence across all project activities and make recommendations for the most effective application of technology to meet Baker Hughes's needs.
As a Risk Management Analyst, you will be responsible for:
- Performing Application and Architecture Risk Assessments on all the applications used within Baker Hughes.
- Maintaining and advancing the global security risk assessment program, with a concentration on assessing critical applications, services, processes, and third-party suppliers.
- Documenting, developing, and publishing assigned Security Policies, Standards, and Technical Requirements.
- Proactively identifying cybersecurity deficiencies or opportunities for improvement to better enable security at Baker Hughes.
- Participating in the development and publication of compliance metrics for the GRC team, and creating Risk Management reports for leadership and other stakeholders.
- Liaising with different teams within CSRC to mitigate risk findings through tasks in the Baker Hughes Integrated Risk Management tool, Archer.
Fuel your passion
To be successful in this role you will:
- Have a Bachelor's degree in Information Systems, Cybersecurity, or a related field, with relevant experience in cybersecurity governance, cybersecurity compliance, and risk management.
- Have a minimum of 4 years' experience in cybersecurity or other related cyber areas, with previous experience and familiarity with cybersecurity industry standards and frameworks, including NIST Cybersecurity Framework (CSF), NIST 800-53, ISO 27001, and PCI DSS.
- Have experience with the security and privacy controls environment, regulatory landscape, and risk management techniques, principles, and practices.
- Have experience and knowledge of the development and implementation of information security policies, standards, and related procedures for security programs.
- Have the ability to assess environments against a wide variety of security and compliance frameworks, including state-based privacy and security regulations, GDPR, SOC, NIST CSF, and ISO 27001/2.
- Have a good understanding of regulatory compliance requirements such as SOX, GDPR, PCI DSS, FISMA, RBI cybersecurity requirements, and the IT Act 2000.