GRC Analyst

As a GRC (Governance, Risk, and Compliance) Analyst at VIDIZMO, you will manage and maintain our governance, risk management, and compliance framework. Your role involves ensuring our systems, processes, and policies align with industry standards and regulations, identifying risks, assessing their impact, and developing mitigation strategies. You will collaborate across departments to implement and monitor compliance with policies and regulations, support audit preparations, conduct risk assessments, and provide guidance on risk management. Additionally, you will create and maintain policies, procedures, and controls related to information security, data privacy, and regulatory compliance, while developing KPIs to track compliance and drive continuous improvement.

We provide Video Content Management systems to Fortune 5000 companies and Governments across the globe and are recognized in Gartner's Magic Quadrant and IDC MarketScape for Digital Evidence Management as one of the top 7 companies in the world. VIDIZMO products include EnterpriseTube and Digital Evidence Management System (DEMS). VIDIZMO DEMS helps public safety organizations to store, manage, process and digital evidence, while EnterpriseTube empowers customers to deliver Live as well as On-Demand Video Streaming to their audience, store and share multimedia content as well as perform Video and Audio Analysis using artificial intelligence.

Key Responsibilities:

• Assess both managerial and technical security controls to ensure they meet specific security and compliance targets.
• Align regulatory and security mandates with our information security framework, ensuring seamless integration.
• Oversee and document adherence to various security standards, including but not limited to ISO 27001, 27701, SOC 2, GDPR, and PCI-DSS, making sure that all actions for mitigation are up to date.
• Support internal teams in preparing for and executing audits and assessments according to established standards, ensuring all program documents are accurate and compliant.
• Actively engage in significant IT projects to ensure that security policies and risk factors are incorporated and considered at every stage.
• Develop and apply key performance metrics to monitor and confirm compliance with the organization's defined policies and standards.
  

Requirements:

• Over 3 years of experience in information security.
• Hands-on experience with compliance standards such as ISO 27001, SOC 2, and PCI-DSS.
• Excellent communication skills, both written and verbal.
• Proven ability to meet deadlines and perform under pressure.
• Experience working in US-based multinational companies is advantageous.
• Security certifications such as CISSP, CISA, or ISO 27001 are preferred.
• In-depth experience auditing third-party vendors, service providers, or partners for security compliance.
• Extensive experience collaborating with engineering teams (system administrators, network administrators, security administrators, application teams) to effectively communicate compliance needs.
• A bachelor's degree in Computer Science, Information Technology, or a related field.

Benefits: Health Insurance (OPD/IPD), Daily Lunch Facility, Separate Maternity Cover, Leave encashment, Car Support Program, Referral Bonus, EOBI, Bi-Annual Increment. Provident Fund, Career Growth, Bonus (benefits vary based on location)