IRM Risk & Controls Management (JG4)

XML International

2 - 5 years

Bengaluru

Posted: 05/03/2026

Job Description


Bangalore, India

Full-Time Contract

Global Energy Enterprise | Secure Digital Engineering


We are seeking a senior GRC & DevSecOps professional (9+ years experience) to strengthen secure engineering practices across large-scale digital platforms within a global enterprise environment.


This role sits at the intersection of Governance, Risk & Compliance, secure architecture, and DevSecOps enablement.


You will partner with development, architecture, and platform teams to embed security directly into the software delivery lifecycle.


What You'll Be Doing

  • Ensure alignment with enterprise GRC frameworks and control standards
  • Drive DevSecOps integration into CI/CD pipelines
  • Support GitOps-based workflows and software supply chain security
  • Perform secure code reviews and issue triage
  • Embed OWASP and secure coding standards into engineering practices
  • Conduct threat modeling across AWS/Azure and Kubernetes environments
  • Promote security automation and continuous improvement across Agile teams


Mandatory Requirements

  • 9+ years of experience in Governance, Risk & Compliance (GRC)
  • Strong understanding of NIST, GDPR, and enterprise regulatory frameworks
  • Deep knowledge of:
      - OWASP Top 10
      - OWASP ASVS
      - MITRE ATT&CK

  • Experience integrating security into DevOps / GitOps pipelines
  • Familiarity with tools such as Apiiro, Dependabot
  • Experience securing cloud-native environments (AWS / Azure / Kubernetes)
  • Strong scripting or programming capability (Python, Shell, etc.)
  • Experience working in Agile Release Train (ART) environments


Preferred

  • IT/OT convergence experience
  • Developer experience platforms (Backstage, Cortex)
  • Certifications such as:
      - AWS DevOps Engineer
      - Azure DevOps Engineer
      - CKS
      - CSSLP
      - SAFe DevOps Practitioner


Ideal Profile

You are not just a compliance specialist; you are a security engineer with a governance mindset.


You understand risk frameworks but also speak the language of developers and cloud architecture.
