
GRC Analyst/Consultant

ValueMentor

India, Kerala, Thrissur | Full-Time | On-site
Posted 3 weeks ago | Apply by April 30, 2026

Job Description

Job Summary

The GRC Analyst / Consultant is a critical delivery and assurance role within the Payment Security Team, responsible for supporting compliance and risk management engagements across PCI DSS and SWIFT CSP standards.

The role focuses on assisting lead assessors, managing compliance evidence, supporting assessments, tracking remediation activities, and ensuring timely, high-quality delivery across multiple client environments. Working closely with cross-functional teams and client stakeholders, the GRC Analyst will contribute to secure, compliant operations aligned with global standards and industry best practices.

Key Responsibilities, Deliverables / Outcomes

Compliance Assessment & Delivery Support

  • Support lead assessors in conducting PCI DSS and SWIFT CSP assessments for multiple client entities.
  • Collect, validate, organize, and maintain compliance documentation and evidence with high accuracy and completeness.
  • Coordinate with client teams to gather policies, system logs, configurations, and other assessment artefacts.
  • Review evidence against PCI DSS and SWIFT CSP requirements, identify gaps, and follow up for closure.
  • Maintain structured and accessible evidence repositories to enable efficient audits and reviews.
  • Manage assessment timelines and milestones, ensuring deadlines are met through close coordination with stakeholders.

Risk Management & Reporting

  • Assist in preparing assessment reports, including documentation reviews, gap analysis, and risk summaries.
  • Support assessors in developing clear, accurate, and standards-aligned final assessment reports.
  • Work with assessors to identify, assess, and prioritize compliance and security risks.
  • Support the creation and tracking of remediation plans aligned with compliance requirements.
  • Monitor remediation activities and follow up with clients to ensure timely closure of findings.

Process Excellence & Continuous Improvement

  • Support the creation and maintenance of assessment checklists, templates, and documentation.
  • Participate in post-assessment reviews to identify opportunities for workflow and efficiency improvements.
  • Contribute to the development and update of information security policies, procedures, and documentation.
  • Share best practices and assessment insights to promote standardization across engagements.

Stakeholder Engagement & Client Focus

  • Maintain a strong customer-centric approach throughout the compliance lifecycle.
  • Collaborate effectively with internal teams and client stakeholders to ensure a positive assessment experience.
  • Prepare and present briefings to senior management, translating technical findings into business-relevant insights.
  • Ensure all engagements reflect organizational values and promote a culture of cybersecurity excellence.

Learning, Development & Ownership

  • Stay current with changes to PCI DSS, SWIFT CSP, and related regulatory and industry standards.
  • Actively pursue training, certifications, and knowledge-building opportunities.
  • Contribute to a knowledge-sharing culture through team discussions and collaboration.
  • Take ownership of assigned responsibilities, meeting deadlines with accountability and professionalism.

Key Skills

  • Customer relationship management and stakeholder engagement
  • Strong understanding of ISO 27001:2022 clauses and ISO 27002 control guidance
  • Knowledge of information security principles (CIA triad) and their practical application
  • Understanding of:
      • Data classification frameworks
      • Identity & Access Management (IAM)
      • Secure Software Development Lifecycle (SSDLC)
      • Network defense-in-depth concepts
  • Working knowledge of OSI layers and network communication protocols
  • Exposure to cloud security concepts and platforms (AWS, Azure, GCP)
  • Experience supporting security assessments and assurance audits
  • Strong documentation, reporting, and presentation skills
  • Experience supporting ISMS workshops and security awareness programs

Key Competencies / Soft Skills

  • Analytical and problem-solving skills
  • Customer-focused mindset
  • Strong verbal and written communication
  • Adaptability to changing environments
  • Accountability and ownership
