Apply

Ready to go for it?

AI Apply speeds things up—apply directly if you prefer.

FREE ACCESS
5,000–10,000 jobs/day
JobTailor Logo

See all jobs on JobTailor

Search thousands of fresh jobs every day.

Discover
  • Fresh listings
  • Fast filters
  • No subscription required
Create a free account and start exploring right away.
Velsera

Principal InfoSec GRC Specialist – Contract / Permanent

Velsera

Principal InfoSec GRC Specialist overseeing GRC program and cloud security compliance for the organization. Involves collaboration with various stakeholders for risk management and compliance efforts.

Posted 4/23/2026contractRemote • 🇮🇳 IndiaLeadWebsite

Tech Stack

Tools & technologies
AWSAzureCloudGoogle Cloud Platform

About the role

Key responsibilities & impact
  • Bring ‘Security by design’ principles to product development activities
  • Managing the GRC program, defining the roadmap for maturity across governance, risk management, and compliance initiatives.
  • Lead, manage, and mature the organization's Information Security Management System including risk treatment, internal audits, and readiness for external certification audits
  • Serve as the SME for high-stakes compliance frameworks, specifically FedRAMP, and maintaining advanced leadership over HIPAA and the ISO 27001 family (including 27017/27018 for cloud security).
  • Lead the development and revision of enterprise-level security policies, standards, and control frameworks to align with regulatory requirements and business objectives.
  • Manage GRC with focus on lean, efficient implementation by leveraging automation of activities
  • Lead FedRAMP authorization (e.g., Readiness, Assessment, and Continuous Monitoring), including coordinating with the 3PAO (Third-Party Assessment Organization) and government agencies.
  • Provide solution oriented technical guidance to Cloud Engineering, Security Operations, DevOps, and Product teams on architecting, implementing, and documenting controls required for FedRAMP, HIPAA, and ISO 27001 within cloud environments (AWS, Azure, or GCP).
  • Oversee and conduct complex, high-impact risk assessments (e.g., BIA, PIA, Data Flow Mapping) and residual risk management across the enterprise, escalating critical risks to senior leadership.
  • Manage and respond to high-level customer and partner due diligence requests and contract reviews related to security and compliance.
  • Act as the primary InfoSec GRC liaison and subject matter expert, effectively collaborating with internal stakeholders including Legal, Internal Audit, Product Management, and Tech Leadership.
  • Translate highly technical security and compliance requirements providing clear, actionable, risk-informed recommendations.
  • Lead cross-functional remediation efforts, bringing a solution mindset to help technical teams design practical and compliant control implementations instead of simply identifying gaps.
  • Mentor and provide guidance to junior GRC team members, helping to build internal capabilities.

Requirements

What you’ll need
  • Minimum of 12+ years of extensive experience in Cloud Security and GRC
  • Demonstrated capability in achieving & maintaining FedRAMP (moderate or high) compliance, including deep familiarity with NIST SP 800-53 controls.
  • Expert-level hands on knowledge of HIPAA, SOC and FedRAMP controls
  • Deep technical understanding of Cloud Service Provider (CSP) security models and compliance controls within complex cloud architectures.
  • Education: Bachelor's or Master's degree in Information Security, IT, Computer Science, or related technical field.
  • Certifications (Must have 1 or more of the following):
  • CISSP (Certified Information Systems Security Professional)
  • FedRAMP specific certifications (e.g., C3PAO Assessor training or significant practical experience).
  • Cloud Security certification such as CCSP (Certified Cloud Security Professional) or CCSK.

Benefits

Comp & perks
  • Flexible Work & Time Off - Embrace hybrid work models and enjoy the freedom of unlimited paid time off to support work-life balance.
  • Health & Well-being - Access comprehensive group medical and life insurance coverage, along with a 24/7 Employee Assistance Program (EAP) for mental health and wellness support.
  • Growth & Learning - Fuel your professional journey with continuous learning and development programs designed to help you upskill and grow.
  • Recognition & Rewards - Get recognized for your contributions through structured reward programs and campaigns.
  • Engaging & Fun Work Culture - Experience a vibrant workplace with team events, celebrations, and engaging activities that make every workday enjoyable.
  • & Many More...

ATS Keywords

✓ Tailor your resume
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
Cloud SecurityGRCFedRAMP complianceNIST SP 800-53 controlsHIPAASOC controlsCloud Service Provider security modelsrisk assessmentsrisk managementcontrol frameworks
Soft Skills
leadershipcollaborationmentoringsolution-oriented mindsetcommunicationtechnical guidanceorganizational skillsstakeholder engagementproblem-solvingcross-functional teamwork
Certifications
CISSPFedRAMP specific certificationsCCSPCCSK