Analyst 4, IT Security (Information Security GRC Specialist )
Location
Bangalore | India
Job description
Western Digital seeks a skilled and experienced Information Security GRC Specialist to assume a pivotal role in SOX, PCI, and other critical information security risk and compliance areas. This individual contributor will play a lead role in shaping and optimizing our security posture, focusing on information security and technical controls, including IT General Controls (ITGCs), IT Application Controls (ITACs), and a deep understanding of company-level controls.
ESSENTIAL DUTIES AND RESPONSIBILITIES:
IT General Controls
- Define and document IT General Controls (ITGCs) for Sarbanes-Oxley (SOX) 404 compliance.
- Provide expert technical guidance to stakeholders to design robust IT general controls.
- Collaborate with IT process owners to standardize, optimize, and automate controls, enhancing overall efficiency.
- Deliver ongoing guidance on IT control requirements, ensuring alignment with industry best practices.
Control Assessments
- Lead the preparation, planning, and execution of IT control assessments, including SOX ITGC.
- Prepare, review, and finalize work papers and compliance reports with meticulous attention to detail.
- Identify technology and business-related risks, understand current regulations, and contribute to the design of internal controls and processes to mitigate potential risks.
- Partner with key stakeholders to set the strategic direction for audit readiness, manage compliance frameworks, drive continuous improvement, and deliver meaningful reporting metrics.
- Collaborate with internal and external auditors to optimize audits, balancing risk mitigation and administrative efficiency.
- Remediation and Compliance
- Effectively communicate control weaknesses, insights, and recommendations to relevant stakeholders.
- Review the adequacy of corrective and preventative action plans, actively monitoring plan execution.
- Ensure compliance with corporate reporting standards and adhere to established timelines.
REQUIRED:
- 8+ years of relevant experience in information security risk and compliance.
- 2+ years of experience with SOX ITGC, ITAC, and company-level controls.
- Bachelor s degree in information systems, computer scie
Job tags
Salary