Druva Logo

Druva

Senior GRC Analyst

Reposted 8 Days Ago
Be an Early Applicant
Pune, Maharashtra
Senior level
Pune, Maharashtra
Senior level
The Senior GRC Analyst will manage the POAM process, ensure FedRAMP compliance, and analyze security risks for federal agencies.
The summary above was generated by AI


About Druva 

Druva, the autonomous data security company, puts data security on autopilot with a 100% SaaS, fully managed platform to secure and recover data from all threats. The Druva Data Security Cloud ensures the availability, confidentiality, and fidelity of data - providing customers with autonomous protection, rapid incident response, and guaranteed data recovery. The company is trusted by its more than 6,000 customers, including 65 of the Fortune 500, to defend business data in today’s ever-connected world. Amidst a rapidly evolving security landscape, Druva offers a $10 million Data Resiliency Guarantee ensuring customer data is protected and secured against every cyber threat. Visit druva.com and follow us on LinkedIn, Twitter and Facebook.

We are seeking a Federal GRC Analyst to join our team. The candidate will be responsible for managing the POAM (Plan of Actions and Milestones) process, working with Federal agencies, analyzing vulnerability, application, web, and database scans for multiple environments, and providing support for compliance with the FedRAMP program.  The candidate should have experience in building and maintaining network architecture diagrams, data flow diagrams, System Security Plans, Ports, Protocols, and Services Management (PPSM) documentation. The role requires knowledge of NIST Risk Management Framework (RMF), FedRAMP High, Moderate,baselines. Familiarity with StateRAMP and TX-RAMP is also a plus.


Primary Responsibilities

  • Manage the POAM process, including creating, tracking, and reporting on POAM items
  • Work with Federal agencies to address security concerns and ensure compliance with FedRAMP requirements
  • Analyse vulnerability scans to identify security risks and recommend remediation actions
  • Provide support for compliance with FedRAMP program requirements, including conducting security assessments and preparing security documentation
  • Maintain and update a System Security Plan
  • Collect and maintain artifacts used and needed for FedRAMP annual assessment
  • Collaborate with third-party assessment organisation (3PAO) for assessments
  • Stay up-to-date on changes to regulations and standards related to federal compliance and security
  • Work cross-functionally with engineering, product, advisory, legal, and sales teams to provide customer and stakeholder support


Qualifications & Skills

Education and Training:

  • Degree in Computer Science or equivalent
  • Understanding of multiple technology domains including Cloud, Software Development, MS Windows, Database management, Networking, and UNIX (preferred).
  • Understanding of information security standards, best practices for securing computer systems, and applicable laws and regulations.

Technical or Professional Experience:

  • Total of 8+ years with a minimum    of relevant experience
  • 2+ years experience in federal compliance and governance, including experience with FedRAMP, NIST, FISMA and other relevant regulations and standards
  • Progressive achievement in one or more of the traditional IT disciplines (applications, operations, infrastructure, and management).
  • Experience with SaaS Cloud Operations required.
  • Familiarity with AWS GovCloud environment and its related services
  • Experience in using scanning solutions to gather and review container, database, web application and other vulnerability scans.

Skills Requirements:

  • Outstanding interpersonal and communications skills; ability to communicate effectively with technical and non-technical audiences.
  • Strong verbal and written English language competency.
  • Strong knowledge of information security/Compliance standards(NIST/ISO are examples).
  • Expert knowledge of internal auditing, internal controls, risk management, and practices and methods.
  • Comprehensive understanding of internal control environments within the IT function.
  • Experience with multiple technology domains including aspects of Windows, Unix and/or database administration, software development and networking.
  • Excellent leadership and teamwork skills.
  • Proactive, hands-on, detail-oriented and results-driven orientation required.
  • Ability to produce high quality work products for both the IT groups and Senior Management.

 

Additional Desirable Qualifications:

  • Recognized accounting/auditing/information system certifications (e.g. CISA, CISSP)
  • Experience with a reputed auditing firm



Top Skills

Aws Govcloud
Fedramp
Nist Risk Management Framework
Vulnerability Scanning Solutions

Druva Pune, Mahārāshtra, IND Office

Muttha Chambers II, Level VI, Senepati Bapat Marg, Senepati Bapat Marg,, Pune, Maharashtra , India, 411046

Similar Jobs

Yesterday
2 Locations
Senior level
Senior level
Artificial Intelligence • Automotive • Computer Vision • Information Technology • Internet of Things • Logistics • Software
The Lead Data Scientist will develop machine learning solutions for map-making, manage predictive modeling projects, and collaborate with cross-functional teams.
Top Skills: DockerGisHadoopHiveMatlabNoSQLPigPythonRSASScalaShell ScriptSparkSQL
Yesterday
Pune, Maharashtra, IND
Senior level
Senior level
Healthtech • Logistics • Pharmaceutical
The Analyst II role involves managing OneTrust Cookie Consent systems, ensuring privacy compliance, and integrating policies with legal teams. It emphasizes project management, configuration for AI Governance, and ongoing testing and validation of consent strategies.
Top Skills: CookiebotGoogle Tag ManagerGradleJdbcJeeJmsJpaMicrosoft Office SuiteOnetrustOrm SolutionsSpring
Yesterday
Hybrid
Pune, Maharashtra, IND
Senior level
Senior level
Artificial Intelligence • Healthtech • Professional Services • Analytics • Consulting
The Senior Governance & Risk Analyst will support global ESG initiatives, particularly in data analysis, compliance, environmental reporting, and vendor management related to sustainability efforts.
Top Skills: Archer GrcEcovadisGriIso 14001Iso 14064ExcelMicrosoft PowerpointMicrosoft WordSasb

What you need to know about the Pune Tech Scene

Once a far-out concept, AI is now a tangible force reshaping industries and economies worldwide. While its adoption will automate some roles, AI has created more jobs than it has displaced, with an expected 97 million new roles to be created in the coming years. This is especially true in cities like Pune, which is emerging as a hub for companies eager to leverage this technology to develop solutions that simplify and improve lives in sectors such as education, healthcare, finance, e-commerce and more.

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account