GRC Analyst/Security Analyst

DIGITAP.AI provides high tech advanced AI / ML solutions to new age internet driven businesses for reliable, fast and 100% compliant Customer Onboarding, Automated Risk Management along with Big Data enabled services like Risk Analytics and Customised Scorecards. Our proprietary Machine Learning Algorithms and Modules provide one of the best success rates in the market. Working with 200+ clients spread across banks, big NBFCs, Life Insurance Players, Fintechs, Digitap.ai provides the high quality solutions while maintaining the required infosec compliance. The team brings together deep and vibrant experience in Fintech Product & Risk Management, Fraud Detection and BIG DATA Analytics.

Job Description-
We are seeking a motivated and skilled GRC professional to join our team. As a GRC
Analyst, you will be responsible for managing cybersecurity risks, conducting
compliance assessments, and implementing security policies based on industry’s best
practices, including ISO 27001 and RBI/SEBI guidelines. This role offers an excellent
opportunity to build and enhance your skills in the rapidly evolving field of cybersecurity
governance, risk management, and compliance
Key Responsibilities-
- Compliance & Regulatory Oversight: Ensure compliance with applicable laws and
regulations, such as RBI/SEBI cybersecurity guidelines, GDPR, and other - local and
international frameworks.
- Risk Management: Assist in conducting risk assessments to identify, evaluate, and
prioritize risks related to information security and business operations.
- Audit Support: Support internal and external audits by preparing documentation,
coordinating audit activities, and ensuring compliance with cybersecurity policies and
standards.
- Cybersecurity Program Management: Work closely with IT, legal, and other
stakeholders to integrate cybersecurity risk management into business processes,
ensuring alignment with organizational goals.
- Policy Development & Training: Contribute to the development of information security
policies, procedures, and guidelines, and assist in delivering training programs to raise
awareness of security best practices across the organization.
- Continuous Improvement: Collaborate with various teams to assess the effectiveness
of existing controls and propose improvements to enhance the organization's
cybersecurity posture.
- Reporting & Documentation: Maintain clear and comprehensive documentation of risk
assessments, compliance activities, audits, and incident reports to provide transparency
to senior leadership and regulatory bodies.

Qualifications-
- 2-5 years of hands-on experience in Governance, Risk, and Compliance (GRC) roles.
- Good understanding of information security principles, controls, and risk management
methodologies, compliance and audits
- Hands on experience of implementing two or more standards such as ISO 27001/2,
ISO27701, SOC2, PCI DSS, NIST standards on Cyber Security, HITRUST, HIPAA,
GDPR etc.
- Strong analytical skills and attention to detail in identifying security vulnerabilities and
assessing compliance gaps.
- Excellent written and verbal communication skills to prepare reports and deliver
presentations.
- Cloud Expertise (AWS/Azure/GCP)
- Security Certifications are preferred.