Amazure Technologies Pvt Ltd
Website: amazuretec.com
Job details:
Role Summary
The Cybersecurity GRC & Project Manager is responsible for overseeing governance, risk, and compliance (GRC) initiatives while leading cybersecurity-related projects across the organization. This role bridges security strategy, regulatory compliance, risk management, and execution, ensuring security programs are delivered on time, within scope, and aligned with business objectives.
Key Responsibilities
Governance, Risk & Compliance (GRC)
- Develop, implement, and maintain cybersecurity governance frameworks, policies, standards, and procedures
- Lead and manage security risk assessments, threat modeling, and risk treatment plans
- Ensure compliance with applicable regulations and frameworks (e.g., ISO 27001, NIST CSF, SOC 2, PCI DSS, GDPR, HIPAA)
- Coordinate internal and external security audits, assessments, and regulatory examinations
- Track, manage, and report on security risks, issues, and remediation activities
- Support third-party/vendor risk management and security due diligence processes
Project & Program Management
- Plan, execute, and manage cybersecurity projects from initiation through closure
- Define project scope, objectives, deliverables, timelines, and success metrics
- Coordinate cross-functional teams including IT, Security, Legal, Compliance, and Business stakeholders
- Manage project dependencies, risks, budgets, and resource allocation
- Track project progress and provide regular status updates to leadership
- Ensure projects align with organizational security strategy and risk posture
Stakeholder & Communication Management
- Act as a key liaison between technical teams and business stakeholders
- Translate security and compliance requirements into actionable project plans
- Prepare executive-level dashboards, reports, and presentations on risk, compliance, and project status
- Promote security awareness and a culture of risk management across the organization
Required Qualifications
- Bachelor’s degree in Information Security, Computer Science, Information Systems, or related field (or equivalent experience)
- 8+ years of experience in cybersecurity, GRC, risk management, or IT security
- 3+ years of experience managing projects or programs, preferably in cybersecurity or IT
- Strong knowledge of security frameworks, standards, and regulatory requirements
- Experience conducting risk assessments, audits, and compliance initiatives
- Proven ability to manage multiple projects simultaneously in a fast-paced environment
Preferred / Nice-to-Have Qualifications
- Professional certifications such as CISM, CISSP, CRISC, ISO 27001 LA/LI, PMP, PRINCE2, or PMI-ACP
- Experience with GRC tools (e.g., Archer, ServiceNow GRC, OneTrust, RiskRecon, LogicGate)
- Familiarity with cloud security (AWS, Azure, GCP) and SaaS environments
- Experience in regulated industries (financial services, healthcare, fintech, SaaS, government)
- Strong analytical, documentation, and reporting skills
Key Skills & Competencies
- Cybersecurity Governance & Risk Management
- Regulatory Compliance & Audit Management
- Project & Program Management
- Stakeholder Communication & Executive Reporting
- Risk Analysis & Remediation Tracking
- Strong organizational and prioritization skills