GRC Analyst — Governance, Risk & Compliance

Reports to: Portfolio CISO / VP Security | Experience: 4–5 years in GRC, audit, or compliance roles | Location: Pune| Type: Full-time

ABOUT THE ROLE:

The GRC Analyst will build and maintain the security governance framework across the portfolio companies. You will develop policies, maintain risk registers, manage vendor assessments, and drive compliance alignment across 17 portfolio companies with diverse regulatory obligations.

KEY RESPONSIBILITIES

Develop, maintain, and communicate Information Security Policy suite across portfolio

Build and manage technology risk registers for each portfolio company

Conduct annual vendor risk assessments and enforce security clauses

Lead data classification program rollout across all portfolio entities

Coordinate ISO 27001 and SOC 2 compliance efforts where applicable

Track policy exception requests, r...