Security risk analyst - Issue and policy exception

ABOUT THE ROLE

Role Description:

We are looking for a highly skilled and motivated analyst to join the policy exception and issue management team.

The individual must be capable of working with minimal supervision after initial training.

The individual must be client focused with an eye for streamlining of process.

This role requires the ability to navigate ServiceNow ticket management and reporting.

Key Responsibilities

• Day to day queue management for the policy exception and issue records.
• Candidate will need to be able to host weekly office hours calls for stakeholder support and the advancement of the records.
• Perform initial ticket triage to ensure healthy records for further processing.
• Monitor tickets and investigate the instances of delay in processing.
• Escalate conditions or concerns to management and leads regularly.
• Communicate in a brief manner via email/text and reliably update the associated tickets for good document practice.

Required Qualifications

• Bachelor’s degree required (MIS, Information Systems, IT, Cybersecurity, or related field preferred).
• 5–8 years of experience in Governance, Risk & Compliance (GRC), IT risk, information security compliance, or internal audit
• Minimum 2-4+ years of experience in an IT ticket-based support environment.
• Candidate must be proficient at Microsoft office tools such as Outlook, Excel and suite of Microsoft Tools
• Strong analytical, problem-solving, and documentation skills.
• Ability to communicate complex concepts to non-technical stakeholders.
• Understanding security controls as they apply to GRC (Governance, Risk, and Compliance) across the enterprise.
• Ability to analyze metrics and generate executive-level reporting and insights.
• Adaptability to a dynamic and fast-paced environment.
• Strong organizational and time management skills.

Preferred Skills

• Experience with service now IRM module is a plus.
• Experience with risk assessment methodologies and control evaluation techniques.
• Proficiency at tools such as Lucid charts, Visio and PowerPoint.
• Candidate must possess or develop the skills to manage a service now dashboard.
• Ability to manage multiple competing priorities in parallel
• Relevant certifications such as SAFe for Teams, ServiceNow, CISA, CRISC or CISSP.
• Working knowledge of industry standards, controls or frameworks such as:
   ISO/IEC 27001 and ISO/IEC 27002.
   GDPR, HIPAA, SOX, PCI-DSS, NIST.

Soft Skills:

• Ability to prioritize and handle multiple tasks effectively in a dynamic work environment.
• Detail-oriented, with a strong focus on quality and accuracy.
• The candidate must demonstrate fluency in English, both written and spoken. Bilingual proficiency is considered an advantage.
• Must be a team player and able to work with and through others.
• Be a self-starter, independent, and resourceful. Able to exercise independent judgment and act on it.

Work Hours: This position operates on the second shift, from 2:00 PM to 11:00 PM IST. Candidates must be willing and able to work during these hours, including weekends and holidays, as required