Job Portal Logo
LoginSign Up

Risk Compliance and Governance Analyst

Wipro

0 - 3 years

Ahmedabad

Posted: 2/10/2025

Job Description

Job Description:

  • Expertise in cyber security frameworks such as ISO27001, NIST 800-53, NIST CSF, PCI-DSS, ISO22301, data privacy etc.
  • Skilled in risk management, risk assessment and analysis, internal audit
  • Technical knowledge in the security domains such as information security management and governance, systems and network security, Physical and logical IT controls, application security, data security, cloud security, access controls, authentication, or security protocols etc.
  • Experience in conducting vendor onsite assessments. Experience of assessing cloud service providers(CSP) will be an added advantage.
  • Understanding third-party risk management concepts, exposure to third party (or) outsourcing regulatory requirements.

Role Purpose

The purpose of the role is to analyse security requirements and design security solutions towards

protecting organization’s security assets.

 

Do

 

  1. Analyse Risk and Compliance assurance to protect sensitive information
    1. Identify Risk and compliance issues at all levels as per the updates
    2. Analyse common compliance frameworks and ensure policies, processes and standards are in place
    3. Perform quarterly audit, sample testing and report risks
    4. Communicate assurance findings to the clients in a timely manner
    5. Monitor remediation on assurance findings and ensure closure of all open points
    6. Ensure all required controls are implemented, documented and monitored so as to ensure full audit compliance.
    7. Coordinate with IT team members to ensure IT audit findings are addressed in a timely manner.
    8. Provide timely and accurate reporting and documentation to management on all key parameters as needed.
    9. Perform annual SOC preparedness audit to ensure that system set up are secure and maintain privacy of customer data
    10. Suggest corrective measures to cyber security issues and provide timely support and future recommendations

 

 

 

 

 

 

 

 

Stakeholder Interaction

 

Stakeholder TypeStakeholder IdentificationPurpose of Interaction
InternalCRS practice teamReporting and updates
IT teamTo understand IT systems and audit
Internal Legal TeamFor discussing legal Practices
ExternalCustomerData analysis and reporting

 

 

Display

 

Lists the competencies required to perform this role effectively:

  • Functional Competencies/ Skill
    • Domain/Industry Knowledge - Awareness and knowledge of Corporate IT Security ~ Contractual IT Governance & Compliance ~ Data Protection ~ Privacy ~ IT General Controls ~ Internal & External IT - Expert
    • Leveraging Technology - In-depth knowledge of and mastery over ecosystem technology that commands expert authority respect - Master
    • Technical knowledge - Complete understanding of risk and compliance audits((ISO27001, SOX, HIPAA, GLBA, PCI DSS, SSAE16 etc.) - Expert

 

Competency Levels
FoundationKnowledgeable about the competency requirements. Demonstrates (in parts) frequently with minimal support and guidance.
CompetentConsistently demonstrates the full range of the competency without guidance. Extends the competency to difficult and unknown situations as well.
ExpertApplies the competency in all situations and is serves as a guide to others as well.
MasterCoaches others and builds organizational capability in the competency area. Serves as a key resource for that competency and is recognised within the entire organization.

 

 

  • Behavioural Competencies 
    • Strategic perspective
    • Technology Acumen
    • Communication and Presentation Skills
    • Problem Solving approach
    • Managing Complexity
    • Client centricity

 

Deliver

 

No.Performance ParameterMeasure
1.Adherence to established risk and compliance framework% deviation from audit, release audit scores, closure on audit points, cyber health of the organization, audit timelines
2.Disaster recoveryNumber of risks identified and mitigated, Timely communication to the client

 

 

About Company

Wipro Limited is a global information technology, consulting, and business process services company based in India. Founded in 1945, Wipro provides a wide range of services, including software development, IT infrastructure management, and business consulting. The company serves various industries, such as banking, healthcare, and manufacturing, and is known for its focus on innovation and sustainability. With a presence in over 50 countries, Wipro is recognized for its commitment to quality and customer satisfaction.

Services you might be interested in

One-Shot Campaign

Reach out to ideal employees in one shot!

The intelligent campaign for reaching out to the ideal audience to whom you can ask for help (guidance or referral).

getmereferred logo Know more