Login Sign Up
🔔 FCM Loaded

IRM Risk & Controls Management (JG4)

XML International

2 - 5 years

Bengaluru

Posted: 05/03/2026

Getting a referral is 5x more effective than applying directly

Job Description

IRM Risk & Controls Management (JG4)


Bangalore, India

Full-Time Contract

Global Energy Enterprise | Secure Digital Engineering


We are seeking a senior GRC & DevSecOps professional (9+ years experience) to strengthen secure engineering practices across large-scale digital platforms within a global enterprise environment.


This role sits at the intersection of Governance, Risk & Compliance, secure architecture, and DevSecOps enablement.


You will partner with development, architecture, and platform teams to embed security directly into the software delivery lifecycle.


What Youll Be Doing

  • Ensure alignment with enterprise GRC frameworks and control standards
  • Drive DevSecOps integration into CI/CD pipelines
  • Support GitOps-based workflows and software supply chain security
  • Perform secure code reviews and issue triage
  • Embed OWASP and secure coding standards into engineering practices
  • Conduct threat modeling across AWS/Azure and Kubernetes environments
  • Promote security automation and continuous improvement across Agile teams


Mandatory Requirements

  • 9+ years of experience in Governance, Risk & Compliance (GRC)
  • Strong understanding of NIST, GDPR, and enterprise regulatory frameworks
  • Deep knowledge of:

-OWASP Top 10

-OWASP ASVS

-MITRE ATT&CK

  • Experience integrating security into DevOps / GitOps pipelines
  • Familiarity with tools such as Apiiro, Dependabot
  • Experience securing cloud-native environments (AWS / Azure / Kubernetes)
  • Strong scripting or programming capability (Python, Shell, etc.)
  • Experience working in Agile Release Train (ART) environments


Preferred

  • IT/OT convergence experience
  • Developer experience platforms (Backstage, Cortex)
  • Certifications such as:

-AWS DevOps Engineer

-Azure DevOps Engineer

-CKS

-CSSLP

-SAFe DevOps Practitioner


Ideal Profile

You are not just a compliance specialist you are a security engineer with a governance mindset.


You understand risk frameworks but also speak the language of developers and cloud architecture.

Services you might be interested in

Improve Your Resume Today

Boost your chances with professional resume services!

Get expert-reviewed, ATS-optimized resumes tailored for your experience level. Start your journey now.

getmereferred logo Know more