GRC Analyst

Sony India Software Centre View all jobs

  • Bangalore, Karnataka
  • Permanent
  • Full-time
  • 1 month ago
Job Description:The Risk & Compliance Operations Analyst strengthens the Governance, Risk, and Compliance (GRC) program, which sits within the SPE InfoSec department, by supporting and contributing to security risk and compliance initiatives across multiple SPE teams. This role requires proactiveness, sharp analytical skills, deep curiosity, and a forward-looking mindset to improve how information is gathered, validated, tracked, and reported.Department:SPE-Data AnalyticsSkills Required:Grc Consultant, Risk Compliance, risk, GRC , Risk Assessment, Risk Analytics, Risk AdvisoryRole:Key ResponsibilitiesAuditBoard Risk & Compliance Operations
  • Support ongoing initiatives within the AuditBoard platform, including data accuracy, documentation updates, entry of findings, and issue tracking.
  • Input risk findings and issues into AuditBoard with precision and consistency.
  • Support Statements of Applicability (SOA) efforts, ensuring results are correctly represented in AuditBoard.
  • Prepare and display compliance, SOA, risk, issue, and exception reports for leadership, operations (risk and compliance) and audit teams.
Policy Exception Management
  • Triage and assess Policy Exception Requests by assessing risk of identified vulnerabilities, validating mapped controls, and overall exception quality.
  • Identify the correct approvers for each request
  • Quality check exception to ensure all required fields support the overall risk of the exception
  • Complete request fields with accurate, research-driven details
  • Follow each request through final closure
  • Ensuring accuracy and completeness of
data. * Support analysis of the current backlog (≈40) and ongoing intake (2-3 per week).ICA (Information Criticality Assessment) intake Support
  • Conduct preparation work for ICA activities, ensuring data and scope details are ready for downstream review by business, IT, and InfoSec reviewers.
  • Support ICA continuous improvement opportunities including testing use cases and suggesting better ways to run the ICA program.
  • Support re-certification efforts per established ICA procedures
  • Manage ICA request processing to ensure SLA compliance.
  • Maintain and update the master list of Vendor and Application Assessment statuses, ensuring clarity on progress, issues, and dependencies across the ecosystem.
  • Ensure accuracy of assessment data and reporting outputs.
  • Contact vendors using standardized communication templates to obtain required security artifacts.
  • Conduct risk assessments using SOPs and the UpGuard GenAI assessment process to identify security control gaps and associated risks.
  • Review and perform quality checks on risk assessment reports.
  • Update external dashboards status changes and ensure alignment with AuditBoard as the system of record.
Innovation, Reporting & Automation
  • Support the development of automated reports, dashboards, and displays to replace manual reporting where possible.
  • Identify opportunities to streamline repetitive compliance processes and adopt smarter, more efficient methods.
Qualifications & Traits
  • Solid understanding of information systems, security control frameworks, and security governance concepts.
  • Highly proactive-anticipates needs, surfaces risks early, and drives work forward independently.
  • Curious and unafraid to ask questions to reduce ambiguity and uncover root facts.
  • Strong sense of urgency, particularly when working with compliance deadlines or audit-driven milestones.
  • Appreciates established, time-tested processes but
open to modernization and continuous improvement. * Excellent attention to detail-accuracy and completeness are non-negotiable in this role.
  • Strong research aptitude; enjoys digging into details, systems, frameworks, and historical records.
  • Comfortable coordinating across distributed teams.
  • Innovates new ideas, automation, and improved reporting formats.
  • Eager to learn and grow in an evolving technology and security landscape.
  • Natural curiosity about how systems and processes work, which supports effective analysis and consistent exposure to new concepts.
Years Of Exp:3 to 5 YearsEducation/Qualification:Engineering degree or Equivalent work experienceDesignation:Information Security - Senior Analyst

Sony India Software Centre

Similar Jobs

  • Risk Assessment and Management Senior Analyst

    Zimmerbiomet

    • Bangalore, Karnataka
    Job Description At Zimmer Biomet, we believe in pushing the boundaries of innovation and driving our mission forward. As a global medical technology leader for nearly 100 years, …
    • 5 days ago
    • Apply easily

  • SAP Senior FICO Analyst

    Zimmerbiomet

    • Bangalore, Karnataka
    Job Description At Zimmer Biomet, we believe in pushing the boundaries of innovation and driving our mission forward. As a global medical technology leader for nearly 100 years, …
    • 9 days ago
    • Apply easily

  • Senior SAP Security Analyst

    Under Armour India

    • Bangalore, Karnataka
    About Under Armour India We have expanded our global footprint with Under Armour India, a strategic capability hub in Bengaluru, designed to strengthen our global operations and …
    • 10 days ago
    • Apply easily