GRC Analyst

Rockwell Automation is a global technology leader focused on helping the world’s manufacturers be more productive, sustainable, and agile. With more than 28,000 employees who make the world better every day, we know we have something special. Behind our customers - amazing companies that help feed the world, provide life-saving medicine on a global scale, and focus on clean water and green mobility - our people are energized problem solvers that take pride in how the work we do changes the world for the better.

We welcome all makers, forward thinkers, and problem solvers who are looking for a place to do their best work. And if that’s you we would love to have you join us!

Job Description

GRC Analyst

Bengaluru/Pune/Noida, India.

Position Summary:

Rockwell Automation is looking for a GRC analyst who will implement information management systems (ISMS)across a diverse range of products and business operations and jurisdictions. You will be asked to participate in efforts to establish and test cybersecurity controls, create and manage ISMS documentations such as policies, procedures and metrics, and coordinate certification audits. You will also work on risk assessment, analysis and evaluations and communicate with multiple internal and external auditors. They work with external auditors to deliver compliance certifications and attestations.

You will report to the IT DIRECTOR, and work in a hybrid capacity from our Bengaluru/Pune/Noida, India office.

Key Responsibilities:

• Implement information security management systems such as ISO 27001, SOC 2, NIST CSF ETC.
• Evaluate the information security management system to determine its fit for the organization- providing recommendations and actions to remediate deficiencies.
• Co-ordinate internal and external audits against processes and systems, benchmarking them against multiple standards such as ISO 27001, SOC 2, SOX, TiSAX etc. and internal policies.
• Develop and document processes that reduce potential for introduction of security risks, provide opportunities to automate, and provide continuous improvement measures.
• Respond to qualifying compliance incidents and invoke appropriate resources to deal with the incidents.
• Support external audits and evaluations by external assessors.
• Conduct risk assessments and vulnerability assessments and provide effective recommendations.
• Help maintain and improve the ISMS through periodic sustaining activities

The Essentials – You Will Have:

● Degree or Equivalent Relevant Experience in Cybersecurity Governance Risk and Compliance

● 3-5 years of experience in control and assurance related role

● Good understanding of Software-as-a-Service (SaaS) business model and operations

The Preferred – You Might Also Have:

● CISA, CISSP, ISO 27001 Lead Auditor or Implementer certification is a plus

● Understanding of different security frameworks and standards such as NIST 800 series, SOC 2, ISO 27001, and TiSAX.

● Great ability to explain technical concepts to business users

● Experience from consulting firms

● CISSP, CISA, CISA

What We Offer:

Our benefits package includes:

• Calm premium membership for mindfulness

• Volunteer Paid Time Off available after 6 months

• Company donation matching program

• Employee Assistance Program

• Personalized wellbeing programs through OnTrack

• On-demand digital course library for professional development ... and other local benefits!

At Rockwell Automation, we are committed to building a diverse, inclusive, and authentic workplace. If you're excited about this role but your experience doesn't align perfectly with every qualification, we encourage you to apply.

#LI-Hybrid

#LI-SM1

Rockwell Automation’s hybrid policy aligns that employees are expected to work at a Rockwell location at least Mondays, Tuesdays, and Thursdays unless they have a business obligation out of the office.