Kaplan Test Prep

Information Security GRC Analyst I

full-time

Location Type: Hybrid

Location: Bangalore, India

About the role

  • Support the development, implementation, and maintenance of IT governance frameworks (e.g., COBIT, ITIL), ensuring alignment with organizational and regulatory requirements.
  • Oversee the lifecycle of IT policies and standards, including creation, review, approval, communication, and monitoring for compliance.
  • Manage third party vendor risk, including AI and cloud service providers, by conducting due diligence, security and compliance assessments, contract/control reviews, and ongoing performance and risk monitoring.
  • Support IT risk management by identifying, assessing, and tracking technology risks, maintaining risk registers, and coordinating mitigation and monitoring activities with control owners.
  • Perform internal audits and assist in evidence collection for client audits and compliance frameworks, including but not limited to ISO 27001, PCI, SOX, SOC 1 & 2, and other relevant standards.
  • Conduct phishing simulation campaigns, perform meaningful analysis of results, and manage the overall security awareness program to drive continuous improvement in user security behaviour.
  • Provide expert support in the assessment, design, implementation, and ongoing enhancement of technical controls and processes, including reviewing IT systems and tools to ensure appropriate controls are in place.
  • Collaborate with control owners and system administrators to review test findings, remediate IT control gaps, and drive improvements that enhance the quality, consistency, and operability of new and existing controls.
  • Lead the completion of client security questionnaires and RFPs, ensuring accurate and timely responses.

Requirements

  • 1+ years of audit, technical compliance, or information security experience.
  • Bachelor’s degree in Information Systems (IS), Cybersecurity, or a related field; or an equivalent combination of training and progressively responsible experience that results in the specialized knowledge and abilities required to perform the assigned work, in lieu of a degree.
  • Strong understanding of IT governance, risk management, and compliance frameworks (e.g., ISO 27001, NIST, COBIT, PCI-DSS), with proven experience in conducting risk assessments, audits, and compliance initiatives.
  • Self-motivated professional with excellent analytical, problem-solving, and communication skills, and the ability to work both independently and collaboratively in a fast-paced environment.
  • Demonstrated ability to lead security projects and initiatives from conception to completion.
  • Relevant certifications such as CISA, CISM, CRISC, or CISSP are highly desirable.

Benefits

  • Hybrid work model provides a flexible work/life balance
  • Voluntary Provident Fund is an additional voluntary contribution scheme associated with the statutory Employee Provident Fund (EPF)
  • Our Gift of Knowledge Program provides tuition assistance and substantial discounts for our employees and close family members
  • Comprehensive health benefits; new hire eligibility starts on day 1 of employment
  • Generous Paid Time Off includes national holidays (10), earned leave (15), sick leave (12), plus one (1) volunteer day to participate and give back to our local communities
  • Gratuity is applicable upon completion of 5 years as per the Gratuity Act

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
IT governance frameworks, COBIT, ITIL, risk management, compliance assessments, internal audits, ISO 27001, PCI, SOX, SOC 1 & 2
Soft Skills
analytical skills, problem-solving, communication skills, self-motivated, collaborative, leadership, independent work, fast-paced environment
Certifications
CISA, CISM, CRISC, CISSP