GRC Engineer

• Manage end-to-end Enphase SOC2 Type2 audit requirements and recurring compliance activities.
• Handling SOX ITGC audit activities including the new SEC Cyber Security Requirements.
• Work with the Internal Audit Team to address IT control gap and manage risk.
• Conduct security reviews of internal systems and identify areas of improvement.
• Manage the Governance part of Vulnerability Management. Collaborate with teams on vulnerability remediation.
• Identify and report new IS risks in the IS Risk Registers on a continuous basis. Report top risks to the management.
• Perform Vendor Security Review for new and existing vendors. Review Vendor agreements for Information Security related clauses.
• Create, Update, and enforce IS Policies and Procedures. Track policy compliance across the organization and conduct policy awareness sessions.
• Create and maintain an information security dashboard on in-house analytics tool.
• Drive Identity and Access Management review for critical apps.
• Provide periodic updates to internal stakeholders on adherence to IS compliance requirements
• Collaborate with SecOps, Security Engineering and Product Security Team to prioritize and address security gaps.

• 3-5 yrs of experience in IS GRC focusing on regulatory compliance.
• In depth understanding of security standards and frameworks (E.g. ISO 27001, NIST CSF, PCI DSS, SOX 404, SOC2, NIS2 and PCI DSS.
• Should be a Graduate – B.E/ B.Tech with specialization in Computer Science, IT, IS/Cyber Security, or relevant IT-related fields.
• Should have scored 70% and above in 10th, 12th, and Graduation.
• Knowledge of Python or similar scripting language. Knowledge of PySpark or SparkSQL is an added advantage.
• Excellent Data Analysis and Presentation skills using Microsoft Excel and PowerPoint.
• Certifications (Preferred): CompTIA Security+, CISA (not mandatory)
• Highly responsive and proven professionalism in communication, interpersonal, analytical, and organizational skills.
• Ability to synthesize a variety of data points, problem-solve, and formulate comprehensive and effective execution and risk mitigation plans.
• Desired Skill and Experience:
• High degree of creativity and “out-of-the-box” thinking.
• Able to execute multiple projects simultaneously in fast-paced environments.
• Ability to share knowledge and collaborate by developing content and documentation for distribution to other team members, managers, and customers.
• Ability to work in a fast-paced, collaborative, and ever-changing global environment.
• Takes responsibility and achieves results.
• Must be extremely flexible and able to manage multiple tasks and priorities on very tight deadlines.
• Outstanding organization skills.

Talent21